HTTP Referer Module

Igor Sysoev is at rambler-co.ru
Thu Jul 30 17:54:44 MSD 2009


On Thu, Jul 30, 2009 at 09:47:37AM -0400, Jim Ohlstein wrote:

> Hello,
> 
> We just went through a period where someone was seriously leeching 
> bandwidth. See the attached graph. It started just after midnight and I 
> noticed it this morning and took care of it.
> 
> We run a proxy on that server and someone was referring requests for 
> YouTube videos on their site to be served via our proxy.
> 
> What I did was to use a location block to return a nasty jpg to all 
> requests that match their requests.
> 
> location ~ /part-of-encoded-URL {
> rewrite ^(.*)$ /bandwidth-leech.jpg permanent;
> }
> 
> You can see the results. The requests went away completely after a short 
> while.
> 
> I initially tried using the HTTP Referer Module but it seems it is 
> designed to require a list of valid referrers and others default to 
> invalid. Given the nature of my app, pretty much all referring sites are 
> "valid" and I would rather be able to list "invalid_referers", perhaps 
> in "http" section. Then I could add them to my list as they arose, and 
> not need a location block for each, in each server. If there's a way to 
> do this, I missed it in the Wiki and the Russian docs.

server {

    location /... {

        if ($http_referer ~ ^http://(bad.site|another.bas.site) {
            rewrite ^(.*)$ /bandwidth-leech.jpg permanent;
        }

        ...
    }
}

This is a case when if/rewrite are good.


-- 
Igor Sysoev
http://sysoev.ru/en/





More information about the nginx mailing list