HttpAccessModule and unix domain sockets
mdounin at mdounin.ru
Wed May 22 13:49:41 UTC 2013
On Tue, May 21, 2013 at 10:27:21PM +0300, Sorin Manole wrote:
> Hi all,
> It seems that when using HttpAccessModule directives to deny requests, they
> don't seem to work if the server is listening on a unix domain socket. Even
> when using deny all.
> Can someone confirm and it's not just me making some stupid mistake ?
Yes, access module allow/deny directives currently only able to
limit ipv4 and ipv6 addresses.
> Now if that is the case, would it be a good idea to add this functionality
> to the module ? Maybe add a new parameter like "deny unix" or something ?
> Or was this left out on purpose for a reason or another ?
It probably should be expanded to support "unix:" special address
like set_real_ip_from does (see http://nginx.org/r/set_real_ip_from).
More information about the nginx-devel