Wednesday, November 16, 2016

How to restrict user agents in Apache Traffic Server

We all want to restrict access to our videos if the videos are used in a closed network or supposed to use only on a particular device. We can do this by restricting the access to only a particular user agent which can be your custom player or if you want to grant access only to IOS devices, then AppleWebkit.

In Apache traffic server how we can do this? This can be done using header_rewrite plugin.

How we can do it?
First we need to enable the plugin with a configuration file(s).

[root@trafficserver]# cat plugin.config
xdebug.so
header_rewrite.so config_file_1.conf

Then in the configuration file specified, we need to give the rules.
[root@trafficserver]# cat config_file_1.conf
cond %{READ_REQUEST_HDR_HOOK}
cond %{CLIENT-HEADER:User-Agent} /AppleWebkit./ [NOT]
set-status 403

After this, restart the traffic server and you are done.
This will deny access to all the user agents other than AppleWebkit. They will get 403 response.