An "error" that maybe should be an "info" or "debug"
Maxim Dounin
mdounin at mdounin.ru
Fri Jan 24 15:46:22 UTC 2014
Hello!
On Thu, Jan 23, 2014 at 06:22:40PM +0100, Albert Casademont Filella wrote:
> Hi all,
>
> We have a media server and we protect certain files from being accessed by
> external ips, we just allow access from our static ip. Everything works ok
> and a 403 is thrown to those who try to access the files.
>
> server {
> listen ***;
> root ***;
>
> {some other settings}
>
> # protect original image files
> location ~* "/[0-9]+\.(jpg|jpeg|tif|tiff|png|gif)$" {
> allow ***;
> deny all;
> }
> }
>
> However, an entry like this is logged in the error.log
>
> 2014/01/23 17:44:44 [error] 31071#0: *2701529 access forbidden by rule,
> client: ***, server: ***, request: "GET /29531.png HTTP/1.1", host: "***"
>
> Is this really an nginx error? Couldn't this be lowered to an "info" or
> "debug" level message?
While this isn't an nginx error, it's either user or a configuration
error, and lowering the logging level will likely result in
confusion if the access is forbidden unintentionally and/or for
other reasons it's not clear why the error is returned.
Currently, the error_log with a higher level can be used in a
particular location if such errors are common and shouldn't be
logged. If it doesn't work for you for some reason, than adding
something similar to log_not_found and/or limit_req_log_level
directives can be considered.
--
Maxim Dounin
http://nginx.org/
More information about the nginx-devel
mailing list