2024-02-26 18:30:06 +0000 UTC · 4 Min read Open-Source

Using http_referrer in nginx to restict traffic


Nginx is a one of the most widely used web servers including as a reverse proxy. Sometimes, you need to restrict or allow traffic based on http referrer tag which means that you only want to allow traffic unless someone is coming to your website by clicking through another website and not directly in the browser. This can be useful for security reasons such as restricting embedded video plays or accessing an asset directly.
::: warning *Caution: http referrers can be spoofed so don’t just rely on them for mission critical systems. * :::

In your nginx configuration under server block, add the following:

 server {
     ....
     
    valid_referers abc.com subdomain.xyz.com
    location / {
        if ($invalid_referer) {
                    return 403;
        }
    }
}
Copyright © Yash Chandra. All rights reserved.