How to block domains in nginx?

Polishken2019-02-13 15:12:53

Nginx

Polishken, 2019-02-13 15:12:53

Dom1.com and dom2.com are proxied via curl to the server where nginx + apache is located on the domnginx.com domain, dom1.com
and dom2.com must be banned in nginx, the config below does not block

server {
        listen *:80;
        server_name domnginx.com;
        location / {
                proxy_pass http://6.6.6.6:8080;
                }
if ($host ~* dom1.com|dom2.com) {
return 403;
break;
}
                proxy_set_header Host $host;
                proxy_set_header X-Real-IP $remote_addr;
}

Tried $host, $hostname, $proxy_host, http_host
This condition works fine

if ($http_user_agent ~ (iPhone|Android) ) { 
>>>blablalba
}

And it is impossible to block domains, nginx perceives the Host of a not proxied site, but the one that domnginx.com
I don’t understand why.
did this for a test.

location ~ (testpage|test$) {
return 200 "Host - $host Http_Host - $http_host";
}

I get
Host - domnginx.com Http_Host - domnginx.com
A should be dom1.com

Answer the question

In order to leave comments, you need to log in

1 answer(s)

Godless, 2019-02-15
@Polishken

Please explain the phrase
Is it just that when you connect to dom[1,2].com, there are requests via cURL from php or another language to the domnginx.com domain?
Далее:

server {
        listen *:80;
        server_name domnginx.com;
        location / {
                proxy_pass http://6.6.6.6:8080;
                }
if ($host ~* dom1.com|dom2.com) {
return 403;
break;
}
                proxy_set_header Host $host;
                proxy_set_header X-Real-IP $remote_addr;
}

Этот код обслуживает домен domnginx.com. Это логично, что

if ($host ~* dom1.com|dom2.com) {
return 403;
break;
}

не отрабатывает.
Как минимум напрашивается:
Но боюсь этого будет мало.
Тогда фильтровать нужно не по $host, а по клиентскому адресу.