Allow and Deny IP's
Francis Daly
francis at daoine.org
Wed Feb 7 00:02:49 UTC 2018
On Mon, Feb 05, 2018 at 11:56:04PM +0530, Kaushal Shriyan wrote:
Hi there,
> When i run this curl call -> curl -X GET http://13.127.165.226/ -H
> 'cache-control: no-cache' -H 'postman-token:
> 2494a4a7-6791-2426-cedf-d0bcaa1cd90a' -H 'x-forwarded-for: 12.12.12.13.11'
>
> Ideally the request should not be allowed and the access log should report
> 403 instead of 200
Why should it not be allowed?
What IP address are you making the request from?
> I get 200 OK in the access.log
>
> location / {
> proxy_set_header X-Forwarded-For $remote_addr;
> allow 182.76.214.126/32;
> allow 116.75.80.47/32;
> deny all;
> error_page 404 /404.html;
> location = /40x.html {
> }
>
> Please let me know if i am missing anything.
Your config fragment is incomplete. But when I use something similar,
I get the expected http 200 from an address in the "allow" list, and
the expected http 403 from an address not in the "allow" list.
The output of "nginx -V" might be interesting, in case you are using a
version that has broken allow/deny handling.
f
--
Francis Daly francis at daoine.org
More information about the nginx
mailing list