editing a general location match to exclude one, specific instance?
PGNet Dev
pgnet.dev at gmail.com
Thu May 14 18:10:20 UTC 2020
editing a general location match to exclude one, specific instance?
I run nginx 1.18.0.
I've had a trivial 'protection' rule in place for a long time
location ~* (gulpfile\.js|settings.php|readme|schema|htpasswd|password|config) {
deny all;
}
That hasn't caused me any particular problems.
Recently, I've added a proxied back end app.
In logs I see
==> /var/log/nginx/auth.example1.com.error.log <==
2020/05/12 22:16:39 [error] 57803#57803: *1 access forbidden by rule,
client: 10.10.10.10, server: testapp.example1.com, request: "GET /api/configuration HTTP/2.0",
host: "testapp.example1.com", referrer: "https://testapp.example1.com/?rd=https://example2.net/app2"
removing the "config" match from the protection rule,
- location ~* (gulpfile\.js|settings.php|readme|schema|htpasswd|password|config) {
+ location ~* (gulpfile\.js|settings.php|readme|schema|htpasswd|password) {
eliminates the problem.
I'd like to edit the match to PASS that^ logged match -- as specifically/uniquely as possible -- but CONTINUE to 'deny all' for all other/remaining matches on "config".
How would that best be done? A preceding location match? Or editing the existing one?
More information about the nginx
mailing list