Questions about proxy_pass and internal directives
Reinis Rozitis
r at roze.lv
Thu Oct 18 23:37:25 UTC 2012
> hmm, so adding '^~' to the front of location /foo/bar/ makes "internal"
> directive work correctly. All direct access to "/foo/bar/sth/sth.html" are
> blocked with 404 now.
> However, the proxy_pass inside '/foo/bar/' location still doesn't work.
You are using 'internal' in a wrong way (at least judging from your
configuration excerpts).
If you read the documentation
http://nginx.org/en/docs/http/ngx_http_core_module.html#internal you should
see that internal locations can't be accessed directly from client/browser
but need some sort of _internal_ redirect.
If there is a need for a backend application to check for permissions but
serve the file from nginx (while the same time denying direct access) one
way to do it is making the backend application to send 'X-Accel-Redirect'
header ( some examples: http://wiki.nginx.org/XSendfile ).
You can also try auth_request_module by Maxim Dounin (
http://mdounin.ru/hg/ngx_http_auth_request_module/file/a29d74804ff1/README
/ http://forum.nginx.org/read.php?2,58047,58047#msg-58047 )
.. or access_by_lua from nginx_lua module by agentzh (
https://github.com/chaoslawful/lua-nginx-module )
rr
More information about the nginx
mailing list