Prevent other sites from serving your assets with Nginx
·1 min
I noticed in my Nginx logs that a number of sites were serving my jQuery Placeholder Plugin JavaScript files directly from my site, as opposed to hosting it themselves. Probably an accident, but still…
I emailed them, but as I didn’t hear back from any of them I decided to block the requests using the following configuration in Nginx:
location ~* \.(js|css)$ {
if ($http_referer ~* (foo.co.uk|bar.co.uk) ) {
return 403;
}
}
For any JavaScript or CSS files, if the referer contains the address of the sites that I know are serving my assets, I return a 403 Forbidden status and do not serve the file.
I also wrote a little Perl script which parses the Nginx log file and emails me a list of sites that may be serving my assets, so I can keep the list of blocked sites up to date. It’s a bit rough, but does the job!