editing a general location match to exclude one, specific instance?
Francis Daly
francis at daoine.org
Fri May 15 18:58:15 UTC 2020
On Thu, May 14, 2020 at 11:10:20AM -0700, PGNet Dev wrote:
Hi there,
> editing a general location match to exclude one, specific instance?
It is usually easier to use positive matches instead of negative ones.
> I've had a trivial 'protection' rule in place for a long time
>
> location ~* (gulpfile\.js|settings.php|readme|schema|htpasswd|password|config) {
> deny all;
> }
> 2020/05/12 22:16:39 [error] 57803#57803: *1 access forbidden by rule,
> client: 10.10.10.10, server: testapp.example1.com, request: "GET /api/configuration HTTP/2.0",
> I'd like to edit the match to PASS that^ logged match -- as specifically/uniquely as possible -- but CONTINUE to 'deny all' for all other/remaining matches on "config".
>
> How would that best be done? A preceding location match? Or editing the existing one?
A separate "location" that matches what you want and is "higher priority"
than the regex location that this request currently matches.
location = /api/configuration {
# do what you want, probably including proxy_pass
}
You could use "location ^~ /api/configuration", if you want to allow
anything with that prefix.
Good luck with it,
f
--
Francis Daly francis at daoine.org
More information about the nginx
mailing list