Forum List Message List New Topic Print View

shahzaib1232

March 17, 2015 06:14AM

Registered: 11 years ago
Posts: 272

@itpp, as i sent the logs above that referer_header for android requests
are empty, maybe blocking requests based on empty referer_header will
partially resolve our issue ? Following is the config i used to block empty
referer_header but in vain.

valid_referers server_names ~.;
if ($invalid_referer) {
return 403;
}

Android request log :

39.49.52.224 - - [15/Mar/2015:10:40:26 +0500] "GET
/files/thumbs/2015/03/14/1426310448973c5-1.jpg HTTP/1.1" 200 13096 "-"
"Dalvik/1.6.0 (Linux; U; Android 4.2.2; GT-S7582 Build/JDQ39)"

I might be putting this config under wrong location, following is the
content of android.conf and virtual.conf :

virtual.conf :

server {
listen 80;
server_name conversion.domain.com;
client_max_body_size 8000m;
# limit_rate 180k;
# access_log /websites/theos.in/logs/access.log main;

location / {
root /var/www/html/conversion;
index index.html index.htm index.php;
# autoindex on;
include android.conf;
}
location ~ \.(flv|jpg|jpeg)$ {
flv;
root /var/www/html/conversion;
expires 2d;
include android.conf;
valid_referers none blocked domain.net
www.domain.net domain.com www.domain.com;
if ($invalid_referer) {
return 403;
}
}
location ~ \.(mp4)$ {
mp4;
root /var/www/html/conversion;
expires 1d;
include android.conf;
valid_referers none blocked domain.net www.domain.net
domain.com www.domain.com;
if ($invalid_referer) {
return 403;
}
}

# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
location ~ \.php$ {
root /var/www/html/conversion;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}

location ~ /\.ht {
deny all;
}
}

android.conf :

#if ($http_user_agent ~* "Android") {
# return 403;
#}

valid_referers server_names ~.;
if ($invalid_referer) {
return 403;
}

Regards.

Shahzaib

On Tue, Mar 17, 2015 at 2:10 PM, itpp2012 <nginx-forum@nginx.us> wrote:

> I'd use some kind of authentication based on a user logging in before
> allowing use of a service, an encrypted cookie or something along that
> line.
>
> Posted at Nginx Forum:
> http://forum.nginx.org/read.php?2,257269,257303#msg-257303
>
> _______________________________________________
> nginx mailing list
> nginx@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Reply Quote

RSS

Subject	Author	Posted
Fake video sharing Android App !!	shahzaib1232	March 16, 2015 07:10AM
Re: Fake video sharing Android App !!	Gena Makhomed	March 16, 2015 07:20AM
Re: Fake video sharing Android App !!	Francis Daly	March 16, 2015 09:30AM
Re: Fake video sharing Android App !!	shahzaib1232	March 16, 2015 09:46AM
Re: Fake video sharing Android App !!	Patschi	March 16, 2015 09:58AM
Re: Fake video sharing Android App !!	itpp2012	March 16, 2015 10:47AM
Re: Fake video sharing Android App !!	Francis Daly	March 16, 2015 10:52AM
Re: Fake video sharing Android App !!	shahzaib1232	March 17, 2015 04:24AM
Re: Fake video sharing Android App !!	itpp2012	March 17, 2015 05:10AM
Re: Fake video sharing Android App !!	shahzaib1232	March 17, 2015 06:14AM
Re: Fake video sharing Android App !!	itpp2012	March 17, 2015 06:38AM
Re: Fake video sharing Android App !!	shahzaib1232	March 17, 2015 07:22AM

Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 202

Record Number of Users: 8 on April 13, 2023

Record Number of Guests: 421 on December 02, 2018