file upload authorization
Igor Sysoev
is at rambler-co.ru
Mon Dec 3 10:38:42 MSK 2007
On Mon, Dec 03, 2007 at 07:22:40AM +0100, Rapsey wrote:
> I don't like the idea that anyone is able to upload a file to my server (up
> to client_max_body_size), without authorizing himself. Maybe I'm paranoid.
> I was just wondering if there is a way to do authorization first. I can't
> find anything in the wiki but nginx configuration is full of clever ways to
> do something that are not apparent.
>
If you use basic authorization, then as it was suggested you may use
location /upload/ {
limit_expect GET {
auth_basic ...
auth_basic_user_file
}
> On Dec 2, 2007 10:11 PM, Alex Egg <eggie5 at gmail.com> wrote:
>
> > isnt this a higher level question unrelated to nginx? perhaps your
> > back end software ?
> >
> > On 12/2/07, Rapsey <rapsey at gmail.com> wrote:
> > > A fastcgi application receives an uploaded file only after it has been
> > > uploaded, how do you then prevent just anyone (or anything) from
> > uploading a
> > > file?
> > >
> > >
> > > thank you,
> > > Sergej
> > >
> >
> >
--
Igor Sysoev
http://sysoev.ru/en/
More information about the nginx
mailing list