So is "rewrite_by_lua" also evil?
agentzh
agentzh at gmail.com
Wed Oct 12 00:15:56 UTC 2011
On Wed, Oct 12, 2011 at 12:03 AM, Nginx User <nginx at nginxuser.net> wrote:
> Anyway, when I have the following (simplified) in firewall.default ....
>
> if ($http_user_agent ~* libwww ) {
> return 403;
> }
>
> ... everything is fine. When a php request is made, libwww user agents
> are denied and others get the php output.
>
You're using the "~*" operator here and that means "case insensitive
match", see http://wiki.nginx.org/HttpCoreModule#location
> When I use the following (simplified) rewrite_by_lua equivalent instead ....
>
> rewrite_by_lua '
> if ngx.var.http_user_agent == "libwww" then
> ngx.exit(ngx.HTTP_FORBIDDEN)
> end
> ';
>
Note that you're using "==" here in Lua which is exact string comparison :)
> The php file is downloaded. Obviously I don't have the "libwww" when
> testing so I suppose the lua "if" block is skipped at which point the
> physical php file is found and sent to the user as is and the
> proxy_pass directive is not run.
>
Which version of ngx_lua are you using? Please show me your "nginx -V"
output? And which OS are you using? I've tested your example with
ngx_lua git master HEAD on Slackware Linux x86_64 and do not have any
issues :)
Also, enabling --with-debug in your nginx build and show me the
relevant sections of your error.log on the debug error log level will
be helpful too :)
Regards,
-agentzh
More information about the nginx
mailing list