Limit Available Methods

Maxim Dounin mdounin at
Thu Mar 1 11:02:00 UTC 2012


On Thu, Mar 01, 2012 at 05:18:48AM -0500, kamalakarv wrote:

> Want to limit OPTIONS and TRACE  method from nginx server 
>  Referred following post( section #11)
>  Disable certain HTTP methods at global level, below article will help
> us to restrict at server block level 
>   *
>  We want to disable at global level because our configuration consist of
> so many server blocks 

The TRACE method is always rejected with 405 since nginx 0.5.17.

To disable other methods like OPTIONS (which currently isn't 
handled by nginx, but may be proxy_pass'ed somewhere else) you 
have to use either rewrite checks like in the article above or the 
"limit_expect" directive (  This 
isn't possible at global level, though you may use the "include" 
directive ( to include common 
configuration block into all servers.

Maxim Dounin

More information about the nginx mailing list