Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
Z
Z
zzmaster2015-09-18 16:22:50
Nginx
zzmaster, 2015-09-18 16:22:50

How to whitelist referrers in nginx?

It is required to restrict access to video - allow access from only a few sites. It seems to be the valid_referers directive, but something doesn't work for me. Here is the config code, simplified:

http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    sendfile        on;
    

  upload_progress proxied 1m;
  server_names_hash_bucket_size 128;
  proxy_buffering off;



  server {
    server_name example.com www.example.com;
    listen 11.22.33.44;
    charset CP1251;
    index index.php;
    set $root_path /var/www/lalafa/data/www/example.com;

    location / {
      proxy_pass         http://11.22.33.44:81;
      proxy_redirect     default;
      proxy_set_header   Host             $host;
      proxy_set_header   X-Real-IP        $remote_addr;
      client_max_body_size       500m;
      client_body_buffer_size    128k;
      proxy_connect_timeout      90;
      proxy_send_timeout         900;
      proxy_read_timeout         900;
      proxy_buffer_size   4k;
      proxy_buffers              4 32k;
      proxy_busy_buffers_size    64k;
      proxy_temp_file_write_size 64k;
      charset         off;
      track_uploads proxied 30s;
    }
    
    location ~* ^.+\.(mp4)$ {
      mp4;
      root $root_path;
    }
    
    location ~* ^.+\.(flv)$ {
      flv;
      root $root_path;
    }
    
    location ~* ^/uploads/video/(site1|site3)/{
      mp4;
      root $root_path;
      limit_rate 	150k;
    }
    
    location ~* ^/uploads/(video|man)/{
      mp4;
      root $root_path;
      limit_rate      100k;
      valid_referers none blocked www.example.com example.com;
        }
    
        location ~* ^/uploads/(video|man)/{
      flv;
      root $root_path;
      limit_rate      100k;
        }
  }
}

I didn’t write the config, I don’t understand why there are separate locations like /upload/ where the videos are stored further, can the content be combined in mp4/flv sections?
And yet - why is the first parameter in location mp4 inside repeated "mp4;"? I haven’t found similar examples anywhere on the Internet, is it needed there?
valid_referers tried to embed both in the mp4 section and in /upload/.. - anyway, the video is given from the left domain, please help..

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Report
T
TyzhSysAdmin, 2015-09-18
@POS_troi

and yet - why the first parameter in location mp4 inside - repeats "mp4;"

nginx.org/ru/docs/http/ngx_http_mp4_module.html
Since you didn't specify your version of the item about valid_referers, the link to the docks works fine.
nginx.org/ru/docs/http/ngx_http_referer_module.htm...

Report
Z
zzmaster, 2015-09-18
@zzmaster

found an error - there are not enough sections

if ($invalid_referer) {
                    return   403;
                }

thanks for the clarification

Similar questions
B
bituke2021-05-26 10:08:52
How to quickly deploy someone else's django project? 4Reply
S
shevalex782017-01-05 02:34:07
How to make nginx control what Apache gives? 1Reply
V
Valax2019-05-30 20:53:51
Can't increase client_max_body_size in nginx? 0Reply
L
LionG2021-01-25 11:25:21
NGINX reverse_proxy does not return static if logs are disabled, where is the bug? 0Reply
S
smartup2015-01-11 00:16:21
How to rewrite location for nginx more "beautifully"? 0Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question