Blocking based on proxy_add_x_forwarded_for
Igor Sysoev
is at rambler-co.ru
Wed Mar 11 09:34:03 MSK 2009
On Wed, Mar 11, 2009 at 01:40:54PM +0800, Shri @ DevLib.Org wrote:
> I have a situation where a fair number of spammers are sneaking in through proxy servers.
>
> Their real IP addresses can be traced back and identified.
>
> Our current blocking works like this.
>
> location / {
> deny A.B.0.0/16;
> }
>
> Is there any way possible where I could check the $proxy_add_x_forwarded_for address and block these spammers on our forums?
Only using "set_real_ip_from". However, you should use it for trusted
proxy servers only as anyone may write anything in X-forwrded-For header.
--
Igor Sysoev
http://sysoev.ru/en/
More information about the nginx
mailing list