Welcome! Log In Create A New Profile

Advanced

Authenticate from invalid referers? possible?

Posted by uri_ba 
Forum List Message List New Topic
uri_ba
Authenticate from invalid referers? possible?
October 28, 2009 01:38PM
Hi folks,
I'm trying to set up a simple concept.
I have set up a server listening on a sub-domain. say download.blah.com. set up like this:
[code]
location / {
root /var/www/site/download;
autoindex on;
auth_basic "no!";
auth_basic_user_file /var/www/passwd/.htpasswd;

}
[/code]

every request is being asked for authentication.

I would like to be able to link from another site and those requests would not be authenticated.
logically the setup should look something like this:

[code]
location / {
root /var/www/site/download;
autoindex on;
valid_referers gooddomain.com;
if ($invalid_referer) {
auth_basic "no!";
auth_basic_user_file /var/www/passwd/.htpasswd;
}
}
[/code]

But Nginx does not accept auth_basic commands in "if"

so I can try and reverse it. but I can't use ! or =0 on the $invalid_referer inside the if condition.
so this, doesn't work either
[code]
location / {
root /var/www/site/download;
autoindex on;
valid_referers gooddomain.com;
if (!$invalid_referer) {
break;
}
auth_basic "no!";
auth_basic_user_file /var/www/passwd/.htpasswd;
}
[/code]

I'm using Nginx 8.20 (on linux as the paths might indicate)

Any ideas?

10x,
Uri
Reply Quote
Newer Topic Older Topic
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 284
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready