Blocking user agents and or referrer sites

in Nginx configurationSecurity

Blocking and allowing IP-addresses is done using the nginx access module.

The ngx_http_access_module module allows limiting access to certain client addresses.

Before you start

Be very carefully when blocking ips, user agents or referrers, as it is relatively easy to block more agents then you want. 

When adding block entries, make sure to check your access logging to make sure you are only blocking the requests you want to block.

Blocking user agent

Retrieve the useragent you want to block from the /var/log/nginx/access.log

Now login to your Hypernode using SSH and edit /data/web/nginx/server.blacklist.

$ sensible-editor /data/web/nginx/server.blacklist

Next, add the user agent to the file:

if ($http_user_agent ~ "Windows 95|Windows 98|biz360.com|xpymep|TurnitinBot|sindice|Purebot|libwww-perl") {
    return 403;
    break;
}

And edit the user agents until they match your flavor.

If you make a mistake, the shell will warn you:

app@pup0t4-mynode-magweb-xls 

Your Nginx configuration contains errors, please check
/data/web/nginx/nginx_error_output to see them.

How to block referrers

Blocking referrers works the same way it does with blocking useragents.

if ($http_referer ~* (seo|referrer|redirect|babes|click|girl|jewelry|love|organic|poker|porn|sex|teen|video|webcam) ) {
    return 405;
}

How to block certain domain names

To do this, create a file named server.blockdomains in /data/web/nginx

Blocking a certain domain name

if ($http_host ~ "testflip.hypernode.io")  {
  return 403;
  break;
}

Blocking a certain domain but only one ip

if ($http_host ~ "magentotestpakket.nl")  {
  set $block_me_now A;
}

if ($remote_addr = 8.8.8.8) {
  set $block_me_now "${block_me_now}B";
}


if ($block_me_now = AB) {
    return 403;
    break;
}

These snippets are examples! Don’t copy and paste blindly… IE: using this configuration with a poker shop will not give you the results you expected!

0