4

I want to block exact cookie value like PHPSESSID in Nginx. Does this possible? My site under DDoS but I can't block by IP due to shared addresses. Attackers use same value of Cookies so I try to block by cookie value.

Thanks

J.Mae
  • 73
  • 1
  • 5

1 Answers1

7
server {
  ...

  if ($cookie_PHPSESSID = "XXXXXXXXXXXX") {
    return 403;
  }
}
anthumchris
  • 8,245
  • 2
  • 28
  • 53