Nginx – Remove cookies by cookie name in nginx reverse proxy

cookienginxreverse-proxy

I am fairly new to nginx and I am trying to set it up as a reverse proxy server. So far I have apache working as a backend server on 8080 and nginx on port 80.

My website uses a lot of cookies which I have no control on… I am using Expression Engine CMS, and it does not allow me to disable the cookies that I don't want (don't want to mantle with EE core code).

So lets say that a typical hit on my homepage returns cookies A, B and C which I don't use. Sometimes I also have cookies D and E which I need.

I want to set up nginx to hide cookies A, B and C from the response and return cached content only if the request is cookie free or cookies D and E are empty.

Is that possible to set up under nginx?

So far I have this in my config, which ignores any cookies. I just want to ignore or hide certain cookies:

proxy_cache_path /opt/nginx/cache levels=1:2 keys_zone=mycache:20m max_size=1G;
proxy_temp_path /opt/nginx/tmp_cache/;
proxy_hide_headers Expires Cache-Control Set-Cookie;
proxy_cache_use_stale error timeout invalid_header http_502;
proxy_cache_bypass $cookie_nocache;
proxy_no_cache $cookie_nocache;

…

location / {
    proxy_set_header X-Real-IP  $remote_addr;
    proxy_set_header Host $host;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_cache mycache;
    proxy_cache_valid  200 302  6h;
    proxy_cache_valid  404      1m;
    proxy_pass http://x.x.x.x:8080;
}

Best Answer

Wouldn't it be possible to explicitly set the cookie-headers? So something like:

add_header Set-Cookie "A=deleted; Expires=Thu, 01-Jan-1970 00:00:01 GMT; Path=/; Domain=.foo.com
add_header Set-Cookie "B=deleted; Expires=Thu, 01-Jan-1970 00:00:01 GMT; Path=/; Domain=.foo.com
add_header Set-Cookie "C=deleted; Expires=Thu, 01-Jan-1970 00:00:01 GMT; Path=/; Domain=.foo.com

~~You could use proxy_set_header with the header name "Cookie" instead of add_header, if it doesn't work.~~ I don't have a development nginx instance running here so I can't test..

Sources:

Related Solutions

Nginx – How to Set Up as a Caching Reverse Proxy

I don't think that there is a way to explicitly invalidate cached items, but here is an example of how to do the rest. Update: As mentioned by Piotr in another answer, there is a cache purge module that you can use. You can also force a refresh of a cached item using nginx's proxy_cache_bypass - see Cherian's answer for more information.

In this configuration, items that aren't cached will be retrieved from example.net and stored. The cached versions will be served up to future clients until they are no longer valid (60 minutes).

Your Cache-Control and Expires HTTP headers will be honored, so if you want to explicitly set an expiration date, you can do that by setting the correct headers in whatever you are proxying to.

There are lots of parameters that you can tune - see the nginx Proxy module documentation for more information about all of this including details on the meaning of the different settings/parameters: http://nginx.org/r/proxy_cache_path

http {
  proxy_cache_path  /var/www/cache levels=1:2 keys_zone=my-cache:8m max_size=1000m inactive=600m;
  proxy_temp_path /var/www/cache/tmp; 


  server {
    location / {
      proxy_pass http://example.net;
      proxy_cache my-cache;
      proxy_cache_valid  200 302  60m;
      proxy_cache_valid  404      1m;
    }
  }
}

Nginx – Controlling Nginx proxy target using a cookie

Similar to this answer. Nginx's idiomatic approach to this kind of problems is via map.

Basically, you define a map in http section

map $cookie_proxy_override $my_upstream {
  default default-server-or-upstream;
  ~^(?P<name>[\w-]+) $name;
}

Then you simply use $my_upstream in location section(s):

location /original-request {
  proxy_pass http://$my_upstream$uri;
}

Nginx evaluates map variables lazily, only once (per request) and when you are using them.

Best Answer

Related Solutions

Nginx – How to Set Up as a Caching Reverse Proxy

Nginx – Controlling Nginx proxy target using a cookie

Related Topic