Questions about proxy_pass and internal directives

mrtn nginx-forum at
Fri Oct 19 00:08:21 UTC 2012

Reinis Rozitis Wrote:
> You are using 'internal' in a wrong way (at least judging from your 
> configuration excerpts).
> If you read the documentation 
> you
> should 
> see that internal locations can't be accessed directly from
> client/browser 
> but need some sort of _internal_ redirect.
> If there is a need for a backend application to check for permissions
> but 
> serve the file from nginx (while the same time denying direct access)
> one 
> way to do it is making the backend application to send
> 'X-Accel-Redirect' 
> header ( some examples: ).

That's exactly what I am doing. 

location ^~ /foo/bar/ {
                proxy_pass    ;
                proxy_redirect         off;

I use "internal" directive to block direct access to anything
"/foo/bar/,,,", which seems to be what nginx is doing. At the same time, I
proxy_pass the request to the backend application server to check for
permissions. If success, the backend server sends a 'X-Accel-Redirect'
header back to nginx to serve the file.

Now the problem is proxy_pass does not seem to work, as no request is being
proxied to the backend server. I wondered if this is because I put it
together with "internal" directive inside the location block, but from here:, it seems that this combination should be
fine, as it is given as an example.

I'm scratching my head now...

Posted at Nginx Forum:,231998,232008#msg-232008

More information about the nginx mailing list