Private location does not work

Saint Michael venefax at gmail.com
Mon Feb 20 03:54:03 UTC 2023 

I also tried

deny  192.168.1.1;
    allow 192.168.1.0/24;
    allow 10.1.1.0/16;
    allow 2001:0db8::/32;
    deny  all;


and it does not work. It uses the remote IP of the caller.


So Nginx does not have a way to do this.

Thanks doe confirming it.



On Sun, Feb 19, 2023 at 10:32 PM Payam Chychi <pchychi at gmail.com> wrote:

> You need to learn two things:
> 1- learn to read the page and understand what the expected result should be
> 2- google!
>
> Your problem has been well covered thousands of times before.
>
> Your 404 is expected error code when you are accessing the website from
> external.
>
> Also, read
> https://nginx.org/en/docs/http/ngx_http_access_module.html
>
>
>
>
> On Sun, Feb 19, 2023 at 6:34 AM Saint Michael <venefax at gmail.com> wrote:
>
>> Dear Francis
>> it does not work:
>> 404 Not Found
>>
>> this is my code
>> location /asrxxxx {
>> default_type  'text/html; charset=UTF-8';
>> internal;
>> ....
>>
>> }
>>
>> location /carrier_00163e1bb23c {
>> default_type  'text/html; charset=UTF-8';
>> ....
>>
>> }
>>
>> in the public location,  /carrier_00163e1bb23c, I have
>> </div>
>> <iframe src="/asrxxxx">
>>     Your browser does not support iframes
>> </iframe>
>> </div>
>>
>> so how do I block the public from looking at my HTML and executing
>> directly /asrxxxx?
>> Is this a bug?
>> many thanks for your help.
>> Philip
>>
>>
>>
>>
>>
>>
>>
>> On Sun, Feb 19, 2023 at 8:20 AM Francis Daly <francis at daoine.org> wrote:
>>
>>> On Sun, Feb 19, 2023 at 01:52:12AM -0500, Saint Michael wrote:
>>>
>>> Hi there,
>>>
>>> > it fails with forbidden. But I am using only from another location
>>> inside
>>> > the same server.
>>> >
>>> > How do I protect internal service locations and at the same time use
>>> them?
>>>
>>> If you are asking "how do I ensure that a location{} can only be used for
>>> internal redirects/requests", then you want http://nginx.org/r/internal
>>>
>>> Cheers,
>>>
>>>         f
>>> --
>>> Francis Daly        francis at daoine.org
>>> _______________________________________________
>>> nginx mailing list
>>> nginx at nginx.org
>>> https://mailman.nginx.org/mailman/listinfo/nginx
>>>
>> _______________________________________________
>> nginx mailing list
>> nginx at nginx.org
>> https://mailman.nginx.org/mailman/listinfo/nginx
>>
> --
> Payam Tarverdyan Chychi
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> https://mailman.nginx.org/mailman/listinfo/nginx
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20230219/8f4f2064/attachment.htm>

More information about the nginx mailing list