António P. P. Almeida
appa at perusio.net
Fri Feb 10 19:58:55 UTC 2012
On 10 Fev 2012 19h40 WET, guilherme.e at gmail.com wrote:
> This would fix the problem, but I don't know the directories that
> has a .htaccess file with allow/deny.
> Scenario: nginx (cache/proxy) + back-end apache
> root at srv1 [~]# ls -a /home/domain/public_html/restrictedimages/ ./
> ../ .htaccess image.jpg root at srv1 [~]# cat
> /home/domain/public_html/restrictedimages/.htaccess allow from
> x.x.x.x deny from all
> In the first access (source IP: x.x.x.x) to
> http://domain.com/restrictedimages/image.jpg, nginx proxy request to
> apache and cache response. The problem comes in other request from
> other IP address different from x.x.x.x. Nginx deliver the objects
> from cache, even if the ip address is not authorized, because nginx
> doesn't understand .htaccess.
> I would like to bypass cache in this cases, maybe using
> proxy_cache_bypass, but I don't know how. Any idea?
I already gave you a suggestion. You just need to use a geo directive
where you enumerate all the IPs that can **access**.
AFAICT this foots the bill. No need to complicate it with headers
being passed to the backend.
More information about the nginx