I have a requirement to only allow requests from certain referrers. The
trickier part is that the list of valid referrers changes based on what is in
the query string. I would like to know the most efficient way to do this in
nginx please.

For example, assume that "account1" may only make requests with referrers from
abc.com and def.com, and "account2" may only make requests with referrers from
xyz.com.

Further, assume these requests hit my nginx server:

http://www.mynginxserver.com/somefile.htm?id=account1 I want to allow the request for the above only if the referrer is from
abc.com or def.com

http://www.mynginxserver.com/somefile.htm?id=account2 I want to allow the request for the above only if the referrer is from
xyz.com

Currently in my implementation I do not have the above authorization scheme
factored in, and I'm doing this:

location / { proxy_pass http://my_upstream_servers; proxy_set_header X-Forwarded-For
$proxy_add_x_forwarded_for; }

So now I am looking at implementing my authorization scheme and wondering what
is the best way to do this.

For example, am I correct to assume that I would have to have a separate
"location" directive/block for each account that would be made to match the
id=accountX part? And within each location block I would have a valid_referrers
statement that listed what was valid for that account?

Or is there a better way to map this out?

Also I will have thousands of accounts (most of which will only have one or two
valid referrers defined). Would nginx process all those location blocks
extremely fast or would all that regex'ing slow things down considerably if
doing thousands of them?

Thank you!