How to block POST requests?

Calomel nginxlist at
Wed May 14 05:05:01 MSD 2008

You can also use regular expressions for a bit more flexibility. This
way you can explicitly accept only the request methods you allow and
return the error code of your choosing.

## Only allow GET and HEAD request methods
      if ($request_method !~ ^(GET|HEAD)$ ) {
         return 444;

  Nginx "How to" Fast and Secure webserver

  Calomel @
  Open Source Research and Reference

On Wed, May 14, 2008 at 12:44:22AM +0200, Rafa?? Zawadzki wrote:
>Tuesday 13 May 2008 23:26:40 Rt Ibmer napisa??(a):
>> My nginx server should never receive POST requests of any time (only HEAD
>> and GET). How can I set up the configuration so that it will return
>> forbidden (or otherwise just drop the request completely) if someone tries
>> to POST data to my server? I thought I saw this somewhere a while back, but
>> just checked the docs and mailing list archive and can't locate the info.
>> Thanks!
>limit_except  GET HEAD {
>    deny   all;
>and give any feedback.
>Rafa?? Zawadzki [ System Architect ]
>  RHCE Red Hat Certified Engineer
>tel 		+48 22 8430101
>mobile       	+48 600 883 759
>skype id     	blvszcz
>jabber id     	bluszcz at

More information about the nginx mailing list