Directive Reference

testcookie_pass

The testcookie_pass directive allows you to enable or disable the challenge cookie checks based on a variable's value in NGINX's testcookie module.

NGINX testcookie robot mitigation module · httpserverlocation
Syntaxtestcookie_pass variable_name;
Defaultnone
Contexthttp, server, location
Arguments1

Description

The testcookie_pass directive specifies a variable name, which controls the execution of the challenge cookie logic within the testcookie robot mitigation module. If the configured variable is set to '1', NGINX will bypass the challenge cookie check, allowing requests to proceed without any additional validation. This is particularly useful in scenarios where certain requests are exempted from these checks, such as when dealing with trusted user agents or whitelisted IP addresses.

Config Example

http {
    server {
        location / {
            testcookie_pass $arg_cookie_check;
            testcookie on;
        }
    }
}

Ensure the variable specified actually exists and is calculated correctly before it is evaluated, otherwise it may not work as expected.

If there are misconfigurations or additional conditions that affect the variable's value, it may inadvertently allow unintended requests without proper checks.

Related Directives

testcookietestcookie_nametestcookie_sessiontestcookie_max_attempts
← Back to all directives