It was surprisingly difficult to find a full working example of this, so here’s my take on “How to make Nginx require that a certain header is present with a certain value in the incoming request”:
nginx.conf:
http {
map $http_x_mycustomheader $is_mycustomheader_not_ok {
default "1";
MyApprovedValue "0";
}
...
}
mysite.conf:
server {
...
location / {
if ($is_mycustomheader_not_ok) {
return 403;
}
}
...
}
To allow requests that contain the header with any value except an empty value, all you need is:
mysite.conf:
server {
...
location / {
if ($http_x_mycustomheader = "") {
return 403;
}
}
...
}
I don’t know how to accept requests where the header is set to any value including an empty value. If anyone has an example, please leave a comment.
Thanks, it really helped me today to save a lot of time.