HTTP Referer Module
Jim Ohlstein
jim at ohlste.in
Thu Jul 30 21:34:48 MSD 2009
Igor Sysoev wrote:
> On Thu, Jul 30, 2009 at 09:47:37AM -0400, Jim Ohlstein wrote:
>
>
>> Hello,
>>
>> We just went through a period where someone was seriously leeching
>> bandwidth. See the attached graph. It started just after midnight and I
>> noticed it this morning and took care of it.
>>
>> We run a proxy on that server and someone was referring requests for
>> YouTube videos on their site to be served via our proxy.
>>
>> What I did was to use a location block to return a nasty jpg to all
>> requests that match their requests.
>>
>> location ~ /part-of-encoded-URL {
>> rewrite ^(.*)$ /bandwidth-leech.jpg permanent;
>> }
>>
>> You can see the results. The requests went away completely after a short
>> while.
>>
>> I initially tried using the HTTP Referer Module but it seems it is
>> designed to require a list of valid referrers and others default to
>> invalid. Given the nature of my app, pretty much all referring sites are
>> "valid" and I would rather be able to list "invalid_referers", perhaps
>> in "http" section. Then I could add them to my list as they arose, and
>> not need a location block for each, in each server. If there's a way to
>> do this, I missed it in the Wiki and the Russian docs.
>>
>
> server {
>
> location /... {
>
> if ($http_referer ~ ^http://(bad.site|another.bas.site) {
> rewrite ^(.*)$ /bandwidth-leech.jpg permanent;
> }
>
> ...
> }
> }
>
> This is a case when if/rewrite are good.
>
I don't think I ever expected to "hear" you say that.
Thank you Igor.
Jim
More information about the nginx
mailing list