Makussu/bunkerweb
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge branch 'whitelist_ua' of https://github.com/thelittlefireman/bunkerized-nginx into dev

Browse Source
This commit is contained in:
bunkerity
2021-03-08 13:46:28 +01:00
parent 544a09e8da 8353bd9c85
commit 6b56e21a09
6 changed files with 35 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
confs/site/main-lua.conf
View File

@@ -6,6 +6,7 @@ access_by_lua_block {
local use_whitelist_ip = %USE_WHITELIST_IP%
local use_whitelist_reverse = %USE_WHITELIST_REVERSE%
local use_user_agent = %USE_USER_AGENT%
local whitelist_useragent_list = { %WHITELIST_USERAGENT_LIST% }
local use_referrer = %USE_REFERRER%
local use_country = %USE_COUNTRY%
local use_blacklist_ip = %USE_BLACKLIST_IP%
@@ -80,6 +81,19 @@ end
-- check if user-agent is allowed
if use_user_agent and ngx.var.bad_user_agent == "yes" then
local headers = ngx.req.get_headers()
local ua = headers["User-Agent"]
if not whitelist_useragent_list ~= "" then
local k_ua_white, v_ua_white = next(whitelist_useragent_list, nil)
while v_ua_white do
local rst_whitelist = string.match(ua, v_ua_white)
if rst_whitelist ~= nil and rst_whitelist ~= "" then
ngx.log(ngx.WARN, "[ALLOW] User-Agent " .. ngx.var.http_user_agent .. " is whitelisted")
ngx.exit(ngx.OK)
end
k_ua_white, v_ua_white = next(whitelist_useragent_list, k_ua_white)
end
end
ngx.log(ngx.WARN, "[BLOCK] User-Agent " .. ngx.var.http_user_agent .. " is blacklisted")
ngx.exit(ngx.HTTP_FORBIDDEN)
end