How could I forbid outside visits without response 403

Steve Wilson lists-nginx at swsystem.co.uk
Fri Jun 13 23:19:25 UTC 2014


On 13/06/14 15:14, 姚锟 wrote:
> Hi Buddy,
> I am a newer to Nginx world, now I have a project to link the varnish
> HTTP server and nginx together, nginx is the back end.
>
> I want to allow the connections only by varnish, so I use deny all
> ,this kind of stuff to archieve this.
>
> But if there is a way to compeletely forbid the connections, at
> present, even the outside connections is forbidden, but I think it
> still waste some resourses, "RETURN A 403 STATIC PAGE"..
>
> I will not use a iptables..
>
If varnish and nginx are on the same machine, you could configure nginx
listen to listen on loopback (127.0.0.1:8080 say) and varnish to connect
to that ip:port. This will stop all external direct access to nginx.

I'm guessing you've some conditional check in nginx that's currently
denying external access, you could look at the 444 return code. A quick
google came up with
<http://www.acloudtree.com/how-to-deny-hosts-using-nginx/>

Steve.



More information about the nginx mailing list