In this tutorial, you will learn how to use MaxCDN EdgeRules to allow blank referrers only for certain device types or browsers. This rule is most commonly used to work around known mobile-device misbehavior during video streaming. Android usually does not send a referrer, so systems that block unauthorized referrers reject these requests because the browser sent a blank referrer. The following rule uses a helper variable called “flag” to dictate the valid/invalid referrer state for each request. The value of this variable is then assigned to $invalid_referer:
Nginx configuration block
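location / {
    # Default: a blank referrer is treated as invalid.
    set $flag "1";
    # Android clients are allowed to send a blank referrer.
    if ($http_user_agent ~ (Android)) {
        set $flag "0";
    }
    # For a blank referrer only, take the valid/invalid state from $flag.
    if ($http_referer ~ ^$) {
        set $invalid_referer $flag;
    }
    valid_referers domain.com;
    # Reject requests whose referrer is invalid.
    if ($invalid_referer) {
        return 403;
    }
}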
CURL examples
CURL with valid referrer:
~$ curl -I cdn.domain.com/ --referer http://domain.com
HTTP/1.1 200 OK
Date: Wed, 20 May 2015 15:48:18 GMT
Content-Type: text/html
Content-Length: 151092
Connection: keep-alive
Last-Modified: Wed, 20 May 2015 15:25:02 GMT
ETag: "193b94f-24e34-5168507e845bc"
Vary: Accept-Encoding
Server: NetDNA-cache/2.2
Flag: 1
X-Cache: HIT
Accept-Ranges: bytes
CURL with a blank referrer and proper/allowed user-agent:
~$ curl -I cdn.domain.com/ -A "Android"
HTTP/1.1 200 OK
Date: Wed, 20 May 2015 15:48:22 GMT
Content-Type: text/html
Content-Length: 151092
Connection: keep-alive
Last-Modified: Wed, 20 May 2015 15:25:02 GMT
ETag: "193b94f-24e34-5168507e845bc"
Vary: Accept-Encoding
Server: NetDNA-cache/2.2
Flag: 0
X-Cache: HIT
Accept-Ranges: bytes
CURL without a referrer and without a user-agent:
~$ curl -I cdn.domain.com/
HTTP/1.1 403 Forbidden
Date: Wed, 20 May 2015 15:48:31 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Server: NetDNA-cache/2.2
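A small Python model of the rule's decision logic, added here as an illustration (it is not MaxCDN's or nginx's code): it reproduces the three cURL results above and adds two constructed cases the examples do not cover. The function names, the host-matching approximation of valid_referers and the sample User-Agent strings are assumptions.

```python
import re
from urllib.parse import urlsplit

ALLOWED_HOSTS = {"domain.com"}        # from: valid_referers domain.com;
BLANK_OK_UA = re.compile(r"Android")  # from: $http_user_agent ~ (Android); "~" is case-sensitive


def referer_module_invalid(referer):
    """Approximate $invalid_referer for `valid_referers domain.com;`.

    Without `none` or `blocked`, a missing or scheme-less Referer is invalid,
    and only the exact host domain.com is accepted (no wildcard is configured).
    """
    if not referer:
        return True
    parts = urlsplit(referer)
    if parts.scheme not in ("http", "https"):
        return True
    return (parts.hostname or "") not in ALLOWED_HOSTS


def edge_rule_status(referer, user_agent):
    """Return the status the rule yields: 403 when blocked, 200 otherwise."""
    flag = "0" if BLANK_OK_UA.search(user_agent or "") else "1"
    invalid = "1" if referer_module_invalid(referer) else ""
    if not referer:  # if ($http_referer ~ ^$) { set $invalid_referer $flag; }
        invalid = flag
    # An nginx `if` treats the empty string and "0" as false.
    return 403 if invalid not in ("", "0") else 200


# Constructed request matrix: (Referer, User-Agent)
CASES = [
    ("http://domain.com", "curl/7.40"),   # valid referrer           -> 200
    ("", "Android"),                      # blank referrer, allowed  -> 200
    ("", "curl/7.40"),                    # blank referrer, other UA -> 403
    ("http://other.example", "Android"),  # wrong referrer, Android  -> 403
    ("", "android"),                      # lowercase does not match -> 403
]

if __name__ == "__main__":
    for ref, ua in CASES:
        print(f"{edge_rule_status(ref, ua)}  referer={ref!r} ua={ua!r}")
```

The Android exception applies only when the referrer is blank, so an Android client that sends a referrer from another site is still rejected. Because User-Agent is a client-supplied header, the exception is a compatibility allowance for hotlink protection rather than authentication.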
If you have any questions or experience any issues, please reach out to the Support Team; live chat and ticket support are available 24/7.