How to Whitelist User Agent in NGINX


block user agent in nginx

You can restrict search bots and crawlers from accessing your site by simply blocking access to specific user agents. Similarly, you can also whitelist popular user agents of Google, Yahoo, if you want only them to be able to access your website. Let us take a look at how to whitelist user agent in NGINX.

 

How to Whitelist User Agent in NGINX

Here are the steps to whitelist user agent in NGINX. It can be a little difficult to do so, unlike doing it easily in Apache.

 

1. Open NGINX config file

Open NGINX config file in a text editor. You will typically find it at /etc/nginx/nginx.conf


$ sudo vim /etc/nginx/nginx.conf

 

2. Whitelist User Agent

Let’s say you want to allow access from only Mozilla user agent and block others, you can update your server and location blocks as shown. Please note, you need to include the auth_request module for the following to work.


map $http_user_agent $auth_type {
  default "Restricted";
  ~^Mozilla "off";
}

server {
  location / {
   auth_basic $auth_type;
  }
}

 

In the above code, replace ‘Mozilla’ with your required user agent.

 

Alternatively, you can also try the following:


server {
  ...

  location / {
   satisfy any;

   allow ...
   auth_basic ...
   auth_request /auth;
   }

  location = /auth {
   if ($http_user_agent ~ Mozilla) {
   return 200;
  }
  return 403;
  }
}

 

If you dont’t want to use auth_request module:


server {
 ...

 location / {
  error_page 418 = @allowed;

  if ($http_user_agent ~ Mozilla) {
   return 418;
  }

 satisfy any;

 allow ...
 auth_basic ...
 }

 location @allowed {
  # ...
  }
}

 

 

3. Reload NGINX web server

Reload NGINX server to apply changes.

$ sudo service nginx reload

 

About Sreeram Sreenivasan

Sreeram Sreenivasan is the Founder of Ubiq, a business dashboard & reporting platform for small & medium businesses. Ubiq makes it easy to build business dashboards & reports for your business. Try it for free today!