Block request containing a given element in the header using Nginx

0

Hello,

Let's assume that a request has the HTTP_CF_CONNECTING_IP element in the header. This element is included by CloudFlare.

How do I block all requests that have this element in Nginx?

I've tried the following:

server {
    listen 80;
    listen [::]:80;

    server_name _;

    ...

    deny $http_cf_connecting_ip;
}

I figured that this way Nginx would get the IP being stored in $http_cf_connecting_ip and block it, resolving my case. But it did not work and generated the following error:

[emerg] 402#402: invalid parameter "$http_cf_connecting_ip" in ...

I also tried the following:

server {
    listen 80;
    listen [::]:80;

    server_name _;

    ...

    if ($http_cf_connecting_ip) {
        deny all;
    }
}

And Nginx returns another error:

[emerg] 278#278: "deny" directive is not allowed here in ...
    
asked by anonymous 28.08.2017 / 03:17

1 answer

0

I focused on deny so much that I forgot to force a return along with any code, closing the request.

The solution for people with the same problem is the following:

server {
    listen 80;
    listen [::]:80;

    server_name _;

    ...

    if ($http_cf_connecting_ip) {
        return 403;
    }
}
    
28.08.2017 / 03:23
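
An added example, not part of the original answer: nginx's `if ($variable)` is false when the value is an empty string or exactly `0`, so a header sent as `CF-Connecting-IP: 0` would pass the check above. A `map` in the `http` context makes the presence test explicit; the variable name `$has_cf_header` is hypothetical.

```nginx
# Goes in the http {} context, outside any server {} block.
# $has_cf_header is a hypothetical name chosen for this example.
map $http_cf_connecting_ip $has_cf_header {
    ""      0;   # header absent (or sent with an empty value)
    default 1;   # any non-empty value, including the literal "0"
}

server {
    listen 80;
    listen [::]:80;

    server_name _;

    # Reject every request that carries the CF-Connecting-IP header.
    # "return" belongs to the rewrite module and is valid inside "if";
    # "deny" is an access-module directive and is not allowed there,
    # which is why the second attempt in the question failed to load.
    if ($has_cf_header) {
        return 403;
    }
}
```

After reloading, `nginx -t` should pass, and a request sent with any `CF-Connecting-IP` value should receive a 403.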