I wanted to restrict access to our downloads section. If users/bots wants to download file without logging in they will see 403 error. Logic is wonderful but it turned out very ugly code
location /downloads/ {
set $banforcookienotset 1;
if ($cookie_PHPSESSID) {
set $banforcookienotset 0;
}
if ($banforcookienotset = 1){
return 403;}
}
Is there a better way to do this?