<div dir="ltr"><div class="gmail_default" style="font-size:small">It uses the original IP of the user, not of the server.</div><div class="gmail_default" style="font-size:small">That's why the ALLOW..DENY does not work either.</div><div class="gmail_default" style="font-size:small">Nobody thought about this in Nginx.</div><div class="gmail_default" style="font-size:small"><br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Sun, Feb 19, 2023 at 11:00 PM Payam Chychi <<a href="mailto:pchychi@gmail.com">pchychi@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="auto">Yes it does, but you are not providing enough on what you are doing, only what you want to do.</div><div dir="auto"><br></div><div dir="auto">Run developer tools and see what your ip address is reported as.</div><div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Sun, Feb 19, 2023 at 7:54 PM Saint Michael <<a href="mailto:venefax@gmail.com" target="_blank">venefax@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div class="gmail_default" style="font-size:small">I also tried</div><div class="gmail_default" style="font-size:small"><pre style="padding:0px;margin-top:0px;margin-bottom:0px;color:rgb(0,0,0)">deny  192.168.1.1;
    allow <a href="http://192.168.1.0/24" target="_blank">192.168.1.0/24</a>;
    allow <a href="http://10.1.1.0/16" target="_blank">10.1.1.0/16</a>;
    allow 2001:0db8::/32;
    deny  all;</pre><pre style="padding:0px;margin-top:0px;margin-bottom:0px;color:rgb(0,0,0)"><br></pre><pre style="padding:0px;margin-top:0px;margin-bottom:0px;color:rgb(0,0,0)">and it does not work. It uses the remote IP of the caller.</pre><pre style="padding:0px;margin-top:0px;margin-bottom:0px;color:rgb(0,0,0)"><br></pre><pre style="padding:0px;margin-top:0px;margin-bottom:0px;color:rgb(0,0,0)">So Nginx does not have a way to do this.</pre><pre style="padding:0px;margin-top:0px;margin-bottom:0px;color:rgb(0,0,0)">Thanks doe confirming it.</pre><pre style="padding:0px;margin-top:0px;margin-bottom:0px;color:rgb(0,0,0)"><br></pre></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Sun, Feb 19, 2023 at 10:32 PM Payam Chychi <<a href="mailto:pchychi@gmail.com" target="_blank">pchychi@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="auto">You need to learn two things:</div><div dir="auto">1- learn to read the page and understand what the expected result should be</div><div dir="auto">2- google! </div><div dir="auto"><br></div><div dir="auto">Your problem has been well covered thousands of times before.</div><div dir="auto"><br></div><div dir="auto">Your 404 is expected error code when you are accessing the website from external.</div><div dir="auto"><br></div><div dir="auto">Also, read <div><a href="https://nginx.org/en/docs/http/ngx_http_access_module.html" target="_blank">https://nginx.org/en/docs/http/ngx_http_access_module.html</a></div><div dir="auto"><br></div></div><div dir="auto"><br></div><div dir="auto"><br></div><div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Sun, Feb 19, 2023 at 6:34 AM Saint Michael <<a href="mailto:venefax@gmail.com" target="_blank">venefax@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div class="gmail_default" style="font-size:small">Dear Francis</div><div class="gmail_default" style="font-size:small">it does not work: </div><h1 style="font-family:"Times New Roman";text-align:-webkit-center;color:rgb(0,0,0)">404 Not Found</h1><div><br></div><div class="gmail_default" style="font-size:small">this is my code</div><div class="gmail_default" style="font-size:small">location /asrxxxx {<br>default_type  'text/html; charset=UTF-8';<br>internal;<br>....<br>            <br>}<br><br>location /carrier_00163e1bb23c {<br>default_type  'text/html; charset=UTF-8';<br>....<br>            <br>}<br></div><div class="gmail_default" style="font-size:small"><br></div><div class="gmail_default" style="font-size:small">in the public location,  /carrier_00163e1bb23c, I have </div><div class="gmail_default" style="font-size:small"></div><br><iframe src="/asrxxxx"><br>    Your browser does not support iframes<br></iframe><br></div><br></div><div class="gmail_default" style="font-size:small"><br></div><div class="gmail_default" style="font-size:small">so how do I block the public from looking at my HTML and executing directly /asrxxxx?</div><div class="gmail_default" style="font-size:small">Is this a bug?</div><div class="gmail_default" style="font-size:small">many thanks for your help.</div><div class="gmail_default" style="font-size:small">Philip</div><div class="gmail_default" style="font-size:small"><br></div><div class="gmail_default" style="font-size:small"></div><div class="gmail_default" style="font-size:small"><br></div><div class="gmail_default" style="font-size:small"><br></div><div class="gmail_default" style="font-size:small"><br></div><div class="gmail_default" style="font-size:small"><br></div><div class="gmail_default" style="font-size:small"><br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Sun, Feb 19, 2023 at 8:20 AM Francis Daly <<a href="mailto:francis@daoine.org" target="_blank">francis@daoine.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">On Sun, Feb 19, 2023 at 01:52:12AM -0500, Saint Michael wrote:<br>
<br>
Hi there,<br>
<br>
> it fails with forbidden. But I am using only from another location inside<br>
> the same server.<br>
> <br>
> How do I protect internal service locations and at the same time use them?<br>
<br>
If you are asking "how do I ensure that a location{} can only be used for<br>
internal redirects/requests", then you want <a href="http://nginx.org/r/internal" rel="noreferrer" target="_blank">http://nginx.org/r/internal</a><br>
<br>
Cheers,<br>
<br>
        f<br>
-- <br>
Francis Daly        <a href="mailto:francis@daoine.org" target="_blank">francis@daoine.org</a><br>
_______________________________________________<br>
nginx mailing list<br>
<a href="mailto:nginx@nginx.org" target="_blank">nginx@nginx.org</a><br>
<a href="https://mailman.nginx.org/mailman/listinfo/nginx" rel="noreferrer" target="_blank">https://mailman.nginx.org/mailman/listinfo/nginx</a><br>
</blockquote></div>
_______________________________________________<br>
nginx mailing list<br>
<a href="mailto:nginx@nginx.org" target="_blank">nginx@nginx.org</a><br>
<a href="https://mailman.nginx.org/mailman/listinfo/nginx" rel="noreferrer" target="_blank">https://mailman.nginx.org/mailman/listinfo/nginx</a><br>
</blockquote></div></div>-- <br><div dir="ltr"><div dir="ltr">Payam Tarverdyan Chychi<br></div></div>
_______________________________________________<br>
nginx mailing list<br>
<a href="mailto:nginx@nginx.org" target="_blank">nginx@nginx.org</a><br>
<a href="https://mailman.nginx.org/mailman/listinfo/nginx" rel="noreferrer" target="_blank">https://mailman.nginx.org/mailman/listinfo/nginx</a><br>
</blockquote></div>
_______________________________________________<br>
nginx mailing list<br>
<a href="mailto:nginx@nginx.org" target="_blank">nginx@nginx.org</a><br>
<a href="https://mailman.nginx.org/mailman/listinfo/nginx" rel="noreferrer" target="_blank">https://mailman.nginx.org/mailman/listinfo/nginx</a><br>
</blockquote></div></div>-- <br><div dir="ltr"><div dir="ltr">Payam Tarverdyan Chychi<br></div></div>
_______________________________________________<br>
nginx mailing list<br>
<a href="mailto:nginx@nginx.org" target="_blank">nginx@nginx.org</a><br>
<a href="https://mailman.nginx.org/mailman/listinfo/nginx" rel="noreferrer" target="_blank">https://mailman.nginx.org/mailman/listinfo/nginx</a><br>
</blockquote></div>