# details at https://st.yandex-team.ru/ADMINTASKS-4631
# should be included before any other includes.

if ($request_method = POST) { 
   set $ispost 1;
   }

set $refcheck 1;

if ($http_referer = "" ) {
   set $refcheck 0;
}

if ($http_referer ~* ^(http(s)?:\/\/)?(([^\?\/]*\.)?(yandex(-team)?\.(ru|ua|com|net|kz|by|st|com\.tr)|ya\.ru|moikrug\.ru)(:\d+)?(\/.*)?|x-gadget.*)$ ) { 
   set $refcheck 0;
}

if ($http_referer ~* ^file:\/\/) { 
   set $refcheck 0;
}

set $is_access_post $ispost$refcheck;

if ($is_access_post = 11) {
   return 403;
}
