Allow internal redirect to URI x, but deny external request for x?
lists at lazygranch.com
Fri Aug 30 21:23:43 UTC 2019
I've been following this thread not really out of need but rather that it is really interesting. That said, I don't think for security you want to "escape" the web root. The risk is that might aid a traversal attack.
From: hobson42 at gmail.com
Sent: August 30, 2019 12:01 PM
To: nginx at nginx.org
Reply-to: nginx at nginx.org
Subject: Re: Allow internal redirect to URI x, but deny external request for x?
On 30/08/19 18:33, J. Lewis Muir wrote:
> I'm using nginx 1.12.2 on RHEL 7, and I've got a FastCGI web app that
> uses a deployment structure which uses an atomic symlink change for an
> atomic app deploy, and I'm wishing to be able to do an internal redirect
> in nginx to URL x, but deny an external request to the same URL x so
> that I don't serve the same content at more than one URL. Is there a
> way to do that?
You could place the different versions away from the root so they cannot
be obtained from the web. Then they can be served by setting up a
symlink to the desired version.
This can be changed using "ln -sfn version/dir serving/root" and then
restarting nginx to pick up the new version.
By not using redirects, this method should be more efficient.
nginx mailing list
nginx at nginx.org
More information about the nginx