Modifying HttpAccessKeyModule

Mike Gagnon mikegagnon at gmail.com
Fri May 18 15:36:19 UTC 2012


Hello,

I would like to add a new feature to the HttpAccessKeyModule (
http://wiki.nginx.org/HttpAccessKeyModule).

As currently implemented when the visitor omits the key then the module
yields a 403 page. I would like to change this behavior, such that when a
visitor omits a key, then the module yields a page that contains javascript
to automatically generate a key. This page however, must be dynamically
generated for the specific URI requested (SSI seems appropriate).

If you're curious, I am building this feature to implement a "client
puzzle" protocol to rate-limit DoS attacks targeting upstream servers.
http://en.wikipedia.org/wiki/Client_Puzzle_Protocol

It is not clear to me how to implement this feature.
The NGX_HTTP_ACCESS_PHASE seems to have a limited ability to affect the
processing of requests. I.e. it can only return a status code, and it
cannot redirect the request to a specific content handler. Is this correct?
Do I need to invent a new internal status code? Would that require
modifying the nginx core?

Thanks!
Mike Gagnon
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx-devel/attachments/20120518/4bf4f308/attachment.html>


More information about the nginx-devel mailing list