whitelist/blacklist country at LUA level to avoid SEO issues
This commit is contained in:
parent
fe1d724c9f
commit
dd7768c856
|
@ -1,3 +0,0 @@
|
|||
if ($allowed_country = no) {
|
||||
return 444;
|
||||
}
|
|
@ -5,6 +5,7 @@ access_by_lua_block {
|
|||
|
||||
local use_whitelist_ip = %USE_WHITELIST_IP%
|
||||
local use_whitelist_reverse = %USE_WHITELIST_REVERSE%
|
||||
local use_country = %USE_COUNTRY%
|
||||
local use_blacklist_ip = %USE_BLACKLIST_IP%
|
||||
local use_blacklist_reverse = %USE_BLACKLIST_REVERSE%
|
||||
local use_dnsbl = %USE_DNSBL%
|
||||
|
@ -34,6 +35,11 @@ if use_whitelist_reverse and whitelist.reverse_cached_ok() then
|
|||
ngx.exit(ngx.OK)
|
||||
end
|
||||
|
||||
-- check if country is allowed
|
||||
if use_country and ngx.var.allowed_country == "no" then
|
||||
ngx.exit(ngx.HTTP_FORBIDDEN)
|
||||
end
|
||||
|
||||
-- check if already in blacklist cache
|
||||
if use_blacklist_ip and blacklist.ip_cached_ko() then
|
||||
ngx.exit(ngx.HTTP_FORBIDDEN)
|
||||
|
|
|
@ -23,7 +23,6 @@ server {
|
|||
%CONTENT_SECURITY_POLICY%
|
||||
%REFERRER_POLICY%
|
||||
%FEATURE_POLICY%
|
||||
%USE_COUNTRY%
|
||||
%BLOCK_USER_AGENT%
|
||||
%BLOCK_TOR_EXIT_NODE%
|
||||
%BLOCK_PROXIES%
|
||||
|
|
|
@ -239,9 +239,9 @@ replace_in_file "${NGINX_PREFIX}server.conf" "%ALLOWED_METHODS%" "$ALLOWED_METHO
|
|||
|
||||
# country ban
|
||||
if [ "$BLACKLIST_COUNTRY" != "" ] || [ "$WHITELIST_COUNTRY" != "" ] ; then
|
||||
replace_in_file "${NGINX_PREFIX}server.conf" "%USE_COUNTRY%" "include ${NGINX_PREFIX}geoip-server.conf;"
|
||||
replace_in_file "${NGINX_PREFIX}main-lua.conf" "%USE_COUNTRY%" "true"
|
||||
else
|
||||
replace_in_file "${NGINX_PREFIX}server.conf" "%USE_COUNTRY%" ""
|
||||
replace_in_file "${NGINX_PREFIX}main-lua.conf" "%USE_COUNTRY%" "false"
|
||||
fi
|
||||
|
||||
# block bad UA
|
||||
|
|
Loading…
Reference in New Issue