Fake video sharing Android App !!

shahzaib shahzaib shahzaib.cb at gmail.com
Mon Mar 16 13:45:30 UTC 2015


Hi,

    I have installed that Android app, and the request log against my IP is
as follows:

39.49.52.224 - - [15/Mar/2015:10:40:26 +0500] "GET /files/thumbs/2015/03/14/1426310448973c5-1.jpg HTTP/1.1" 200 13096 "-" "Dalvik/1.6.0 (Linux; U; Android 4.2.2; GT-S7582 Build/JDQ39)"

where 39.49.52.224 is the IP of my modem.

I have also tried blocking a specific user agent such as Android, but neither
did it work (sure I am doing something wrong) nor is this the correct
solution:

if ($http_user_agent ~* "Linux;Android 4.2.2") {
   return 403;
}


Thanks.
Shahzaib

On Mon, Mar 16, 2015 at 6:28 PM, Francis Daly <francis at daoine.org> wrote:

> On Mon, Mar 16, 2015 at 04:09:30PM +0500, shahzaib shahzaib wrote:
>
> Hi there,
>
> > Webserver is nginx and hotlinking is already enabled but the issue with no
> > Referer_Header for the requests being generated by this android
> > application.
> >
> > What precautions should we take to prevent this application by using our
> > server's bandwidth ?
>
> You have "the requests that you wish to allow as normal". You have "the
> requests that you wish not to allow, since they come from this client".
>
> What part of the request that nginx sees puts it into the "yes" or
> "no" bucket?
>
> Put that in your configuration, so that "yes" does what happens now,
> and "no" returns a http error, or returns a different video inviting
> the client to get your official app.
>
> Perhaps their app uses a unique User-Agent header; or all "wanted"
> clients do include a Referer header?
>
> If you can't tell a "good" request from a "bad" one, you probably cannot
> configure nginx to.
>
>         f
> --
> Francis Daly        francis at daoine.org
>
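
Added example, not part of either message above: one way to put the "yes"/"no" split Francis Daly describes into nginx configuration, using the two properties visible in the quoted log line (Referer logged as "-" and a User-Agent starting with Dalvik/). The server name, root path and the variable names are placeholders, and it assumes every wanted client sends either a Referer or a non-Dalvik User-Agent; Dalvik/ is the default User-Agent of Android's built-in HTTP client, so other Android apps that do not set their own will match as well.

```nginx
# Added example; goes in the http {} context. Variable names are made up here.

# 1 when the request carries no Referer header (logged as "-").
map $http_referer $no_referer {
    default 0;
    ""      1;
}

# 1 when the User-Agent starts with "Dalvik/", as in the log line above.
# Anchoring on the product token avoids depending on the exact spacing of
# the "(Linux; U; Android 4.2.2; ...)" comment that follows it.
map $http_user_agent $dalvik_ua {
    default     0;
    "~^Dalvik/" 1;
}

# Deny only when both signals are present, so browsers that strip the
# Referer and Android clients that do send one are left alone.
map "$no_referer:$dalvik_ua" $deny_hotlink {
    default 0;
    "1:1"   1;
}

server {
    listen 80;
    server_name media.example.com;     # placeholder

    location /files/ {
        root /var/www/media;           # placeholder
        # "if" treats "0" and the empty string as false.
        if ($deny_hotlink) {
            return 403;
        }
    }
}
```

Both headers are set by the client, so this only holds until the app changes what it sends; checking the access log for 403 responses on /files/ shows whether the rule is still matching.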