Re: Best way to block access by url and valid referrer? - François Battail - ru.sysoev.nginx

4 messages in ru.sysoev.nginxRe: Best way to block access by url a...

From	Sent On	Attachments
Rt Ibmer	Apr 29, 2008 7:56 am
François Battail	Apr 29, 2008 10:06 am
Rt Ibmer	Apr 29, 2008 1:19 pm
François Battail	Apr 29, 2008 1:57 pm

	Permalink for this message Paste this link in email or IM:
	Permalink for this thread Paste this link in email or IM:
	Atom feed for this thread Paste this URL into your reader:

Subject:	Re: Best way to block access by url and valid referrer?	Actions...
From:	François Battail (fb-f...@public.gmane.org)
Date:	Apr 29, 2008 1:57:27 pm
List:	ru.sysoev.nginx

Rt Ibmer <rtibmx@...> writes:

So assuming that its "good enough" for me to rely on matching their

account id to a referrer what would you say is the best way to do what I was inquiring about in my original message on the subject?

I don't think think there's a good solution. If you don't want a huge config file to maintain (I agree) you still need to store and query data to ensure if access is allowed or not, but as Nginx is an asynchronous server you will block all connections during these tests even if you code a specific module.

If you cannot modify the referring links I believe you can use the configuration file using includes generated by a script to avoid database or ldap queries when Nginx is running.

It's not a nice or efficient solution, but given the workflow I don't see something better right now.

Best regards.

	Start a set with this search
	Include this search in one of my sets
	Exclude this search from one of my sets
	Permalink to these results Paste this link in email or IM:
	Atom feed for tracking future search results Paste this URL into your reader: