Nginx with php configuration how to block all requests/urls other than two?
Francis Daly
francis at daoine.org
Thu Jan 29 18:46:54 UTC 2015
On Thu, Jan 29, 2015 at 09:20:36AM -0500, c0nw0nk wrote:
> So i use nginx with PHP and i have the following two urls i want to allow
> access on the subdomain.
>
> The full url would be
> sub1.domain.com/index.php?option=com_hwdmediashare&task=addmedia.upload&base64encryptedstring
Usually you don't want to match $args, because the order is not fixed. But
if you are happy that it is in your case, you can just do:
server {
server_name sub1.domain.com;
location / { return 404; }
location = /index.php {
if ( $args !~ 'option=com_hwdmediashare&task=addmedia.upload' ) {
return 404;
}
# do whatever
}
}
Change "404" to whatever you want "block" to mean.
"# do whatever" will probably involve fastcgi_pass or something similar.
Note that this does not restrict access to exactly this query string;
if it matters, you can tighten things. But it is probably simpler for
your index.php to check that arguments are exactly what is expected or
else to fail.
> And
>
> sub1.domain.com/media/com_hwdmediashare/assets/swf/Swiff.Uploader.swf
location = /media/com_hwdmediashare/assets/swf/Swiff.Uploader.swf {}
> But i cant figure out in nginx how to block all other traffic/requests on
> the subdomain apart from those two urls
location /
matches any normal request that does not match any other location.
f
--
Francis Daly francis at daoine.org
More information about the nginx
mailing list