From 95153dbc5d554e51cf5249374ca880f23765abd5 Mon Sep 17 00:00:00 2001
From: bunkerity <contact@bunkerity.com>
Date: Fri, 4 Dec 2020 22:58:48 +0100
Subject: [PATCH] moved UA, referrer and country check after whitelist and
 blacklist check

---
 confs/site/main-lua.conf | 30 +++++++++++++++---------------
 1 file changed, 15 insertions(+), 15 deletions(-)

diff --git a/confs/site/main-lua.conf b/confs/site/main-lua.conf
index 13b5d55d..6343a23d 100644
--- a/confs/site/main-lua.conf
+++ b/confs/site/main-lua.conf
@@ -37,21 +37,6 @@ if use_whitelist_reverse and whitelist.reverse_cached_ok() then
 	ngx.exit(ngx.OK)
 end
 
--- check if user-agent is allowed
-if use_user_agent and ngx.var.bad_user_agent == "yes" then
-	ngx.exit(ngx.HTTP_FORBIDDEN)
-end
-
--- check if referrer is allowed
-if use_referrer and ngx.var.bad_referrer == "yes" then
-	ngx.exit(ngx.HTTP_FORBIDDEN)
-end
-
--- check if country is allowed
-if use_country and ngx.var.allowed_country == "no" then
-	ngx.exit(ngx.HTTP_FORBIDDEN)
-end
-
 -- check if already in blacklist cache
 if use_blacklist_ip and blacklist.ip_cached_ko() then
 	ngx.exit(ngx.HTTP_FORBIDDEN)
@@ -93,6 +78,21 @@ if use_blacklist_reverse and not blacklist.reverse_cached() then
 	end
 end
 
+-- check if user-agent is allowed
+if use_user_agent and ngx.var.bad_user_agent == "yes" then
+	ngx.exit(ngx.HTTP_FORBIDDEN)
+end
+
+-- check if referrer is allowed
+if use_referrer and ngx.var.bad_referrer == "yes" then
+	ngx.exit(ngx.HTTP_FORBIDDEN)
+end
+
+-- check if country is allowed
+if use_country and ngx.var.allowed_country == "no" then
+	ngx.exit(ngx.HTTP_FORBIDDEN)
+end
+
 -- check if IP is in DNSBLs (only if not in cache)
 if use_dnsbl and not dnsbl.cached() then
 	if dnsbl.check() then