.htaccess issues

Guilherme guilherme.e at gmail.com
Sun Feb 12 15:32:51 UTC 2012


On Fri, Feb 10, 2012 at 5:58 PM, António P. P. Almeida <appa at perusio.net>wrote:

> On 10 Fev 2012 19h40 WET, guilherme.e at gmail.com wrote:
>
> > Adrián,
> >
> > This would fix the problem, but I don't know the directories that
> > has a .htaccess file with allow/deny.
> >
> > Example:
> >
> > Scenario: nginx (cache/proxy) + back-end apache
> >
> > root at srv1 [~]# ls -a /home/domain/public_html/restrictedimages/ ./
> > ../ .htaccess image.jpg root at srv1 [~]# cat
> > /home/domain/public_html/restrictedimages/.htaccess allow from
> > x.x.x.x deny from all
> >
> > In the first access (source IP: x.x.x.x) to
> > http://domain.com/restrictedimages/image.jpg, nginx proxy request to
> > apache and cache response. The problem comes in other request from
> > other IP address different from x.x.x.x. Nginx deliver the objects
> > from cache, even if the ip address is not authorized, because nginx
> > doesn't understand .htaccess.
> >
> > I would like to bypass cache in this cases, maybe using
> > proxy_cache_bypass, but I don't know how. Any idea?
>
> I already gave you a suggestion. You just need to use a geo directive
> where you enumerate all the IPs that can **access**.
>
> AFAICT this foots the bill. No need to complicate it with headers
> being passed to the backend.
>
> --- appa
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>

Antonio, geo directive would be a great idea if I know the IPs that can
access the website (or directory), but the application is not mine, and the
customer can change this list (in .htaccess). In this case the ip list in
nginx would be outdated.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120212/ea3dcbfd/attachment.html>


More information about the nginx mailing list