Blocking based on proxy_add_x_forwarded_for

Igor Sysoev is at
Wed Mar 11 09:34:03 MSK 2009

On Wed, Mar 11, 2009 at 01:40:54PM +0800, Shri @ DevLib.Org wrote:

> I have a situation where a fair number of spammers are sneaking in through proxy servers.
> Their real IP addresses can be traced back and identified.
> Our current blocking works like this.
>         location / {
>               deny A.B.0.0/16;
>         }
> Is there any way possible where I could check the $proxy_add_x_forwarded_for address and block these spammers on our forums?

Only using "set_real_ip_from". However, you should use it for trusted
proxy servers only as anyone may write anything in X-forwrded-For header.

Igor Sysoev

More information about the nginx mailing list