allow/deny for a single location, with other location handler
Eden Li
eden at mojiti.com
Sun Feb 3 04:18:18 MSK 2008
proxy_* config declarations in the server block trickle down to
location blocks.
eg:
proxy_set_header X-Forwarded-For $http_x_client_ip;
..
location / { proxy_pass ...; } # (1)
location /account/sync_profile/ { allow 59.150.40.29; deny all;
proxy_pass ...; } # (2)
both (1) and (2) will pass along the X-Client-IP header
On Feb 2, 2008, at 11:04 AM, Robert Bunting wrote:
> Hi,
>
> I'm using nginx to proxy through to apache, with a simple
>
> location / {
> proxy_pass ...
> }
>
> However, there is one location ( /account/sync_profile/) which I'd
> like to restrict to just one IP address.
>
> If I add a location for that address,
> location /account/sync_profile/ {
> allow 59.150.40.29;
> deny all;
> }
>
> then of course it doesn't get handled by the proxy.
>
> I can't put an
> if ($uri = /account/sync_profile) { allow 59.150.40.29; deny all; }
> inside my main location, since allow, deny won't work there.
>
> I can't use a multi-level if;
>
> I suppose one solution would be to include the proxy config into the
> restricted location as well, but this seems like unnecessarily
> verbose..
>
> Any ideas?
>
> thanks,
> robert.
>
>
>
>
More information about the nginx
mailing list