librewolf
/
bunkerized-nginx
mirror of https://github.com/bunkerity/bunkerized-nginx
4
0
Fork 1
Code Issues Projects Releases Wiki Activity

refactored whitelisting of user-agents

This commit is contained in:
bunkerity 2021-04-09 14:23:52 +02:00
parent e190167bfc
commit c03d410b0a
1 changed files with 10 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
confs/site/main-lua.conf
View File

@ -96,21 +96,17 @@ end
-- check if user-agent is allowed
if use_user_agent and ngx.var.bad_user_agent == "yes" then
local headers = ngx.req.get_headers()
local ua = headers["User-Agent"]
if not whitelist_user_agent ~= "" then
local k_ua_white, v_ua_white = next(whitelist_user_agent, nil)
while v_ua_white do
local rst_whitelist = string.match(ua, v_ua_white)
if rst_whitelist ~= nil and rst_whitelist ~= "" then
ngx.log(ngx.WARN, "[ALLOW] User-Agent " .. ngx.var.http_user_agent .. " is whitelisted")
ngx.exit(ngx.OK)
end
k_ua_white, v_ua_white = next(whitelist_user_agent, k_ua_white)
end
for k, v in pairs(whitelist_user_agent) then
if string.match(ngx.var.http_user_agent, v) then
ngx.log(ngx.WARN, "[ALLOW] User-Agent " .. ngx.var.http_user_agent .. " is whitelisted")
block = false
break
fi
end
if block then
ngx.log(ngx.WARN, "[BLOCK] User-Agent " .. ngx.var.http_user_agent .. " is blacklisted")
ngx.exit(ngx.HTTP_FORBIDDEN)
end
ngx.log(ngx.WARN, "[BLOCK] User-Agent " .. ngx.var.http_user_agent .. " is blacklisted")
ngx.exit(ngx.HTTP_FORBIDDEN)
end
-- check if referrer is allowed