Nginx Security Hardening and Rules
c0nw0nk
nginx-forum at nginx.us
Mon Oct 20 13:37:51 UTC 2014
Yeah sorry about that Maxim i don't actualy use the allow ip feature i
accidently hashed out the #deny all; and this forum does not let us edit our
posts.
Other than that the following that you posted.
if ($request_method !~ ^(GET|HEAD|POST)$ ) {
return 444;
}
For nginx itself this is not needed. Something like this may be
useful if you are protecting your backends. See also limit_except
which can be used on a per-location level:
limit_except GET POST {
deny all;
}
Did you intentionaly miss Head ?
limit_except GET HEAD POST {
deny all;
}
I dont see the benefit from using one to the other they both do the same
thing.
Posted at Nginx Forum: http://forum.nginx.org/read.php?2,254125,254166#msg-254166
More information about the nginx
mailing list