Deny referrer using map directive

Francis Daly francis at daoine.org
Mon May 4 08:22:34 UTC 2015


On Mon, May 04, 2015 at 11:43:10AM +0700, Dewangga wrote:

Hi there,

> map $http_referer $badboys {
>         hostnames;
>         default         0;
>         "~*hitleap.com" 1;
> }

For info:

This should work as-is; but when using "hostnames", you probably don't
need the regex match. Just ".hitleap.com" will do what you possibly
want. (It is not the same: both will block a.hitleap.com; but only one
will block ahitleap.com or hitleap.com.a.)

> but, if I tried to access them using given referral, still got HTTP 200.
> $ curl -I https://domain.name -L -e hitleap.com | grep 200

It works for me, using http: (because I don't have a test https: server
to hand). What happens when you leave all of the "...skip..." parts empty?

> Is there any additional configuration needed?

Do your logs show that this request was handled in the server{} block
that you think it was handled in?

	f
-- 
Francis Daly        francis at daoine.org



More information about the nginx mailing list