Private location does not work

Payam Chychi pchychi at gmail.com
Mon Feb 20 04:51:51 UTC 2023 

You need to be more clear on what you are trying to do so we can help you.
Draw a diagram or something with the details.

You can use authentication and use that to protect and use at the same time
but again, you have left out some critical details as to what you are tying
to accomplish.

Nginx is powerful, you can write rules to do almost anything, but first you
need to figure out what you want to do.



On Sun, Feb 19, 2023 at 8:24 PM Saint Michael <venefax at gmail.com> wrote:

> It uses the original IP of the user, not of the server.
> That's why the ALLOW..DENY does not work either.
> Nobody thought about this in Nginx.
>
>
> On Sun, Feb 19, 2023 at 11:00 PM Payam Chychi <pchychi at gmail.com> wrote:
>
>> Yes it does, but you are not providing enough on what you are doing, only
>> what you want to do.
>>
>> Run developer tools and see what your ip address is reported as.
>>
>> On Sun, Feb 19, 2023 at 7:54 PM Saint Michael <venefax at gmail.com> wrote:
>>
>>> I also tried
>>>
>>> deny  192.168.1.1;
>>>     allow 192.168.1.0/24;
>>>     allow 10.1.1.0/16;
>>>     allow 2001:0db8::/32;
>>>     deny  all;
>>>
>>>
>>> and it does not work. It uses the remote IP of the caller.
>>>
>>>
>>> So Nginx does not have a way to do this.
>>>
>>> Thanks doe confirming it.
>>>
>>>
>>>
>>> On Sun, Feb 19, 2023 at 10:32 PM Payam Chychi <pchychi at gmail.com> wrote:
>>>
>>>> You need to learn two things:
>>>> 1- learn to read the page and understand what the expected result
>>>> should be
>>>> 2- google!
>>>>
>>>> Your problem has been well covered thousands of times before.
>>>>
>>>> Your 404 is expected error code when you are accessing the website from
>>>> external.
>>>>
>>>> Also, read
>>>> https://nginx.org/en/docs/http/ngx_http_access_module.html
>>>>
>>>>
>>>>
>>>>
>>>> On Sun, Feb 19, 2023 at 6:34 AM Saint Michael <venefax at gmail.com>
>>>> wrote:
>>>>
>>>>> Dear Francis
>>>>> it does not work:
>>>>> 404 Not Found
>>>>>
>>>>> this is my code
>>>>> location /asrxxxx {
>>>>> default_type  'text/html; charset=UTF-8';
>>>>> internal;
>>>>> ....
>>>>>
>>>>> }
>>>>>
>>>>> location /carrier_00163e1bb23c {
>>>>> default_type  'text/html; charset=UTF-8';
>>>>> ....
>>>>>
>>>>> }
>>>>>
>>>>> in the public location,  /carrier_00163e1bb23c, I have
>>>>> </div>
>>>>> <iframe src="/asrxxxx">
>>>>>     Your browser does not support iframes
>>>>> </iframe>
>>>>> </div>
>>>>>
>>>>> so how do I block the public from looking at my HTML and executing
>>>>> directly /asrxxxx?
>>>>> Is this a bug?
>>>>> many thanks for your help.
>>>>> Philip
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> On Sun, Feb 19, 2023 at 8:20 AM Francis Daly <francis at daoine.org>
>>>>> wrote:
>>>>>
>>>>>> On Sun, Feb 19, 2023 at 01:52:12AM -0500, Saint Michael wrote:
>>>>>>
>>>>>> Hi there,
>>>>>>
>>>>>> > it fails with forbidden. But I am using only from another location
>>>>>> inside
>>>>>> > the same server.
>>>>>> >
>>>>>> > How do I protect internal service locations and at the same time
>>>>>> use them?
>>>>>>
>>>>>> If you are asking "how do I ensure that a location{} can only be used
>>>>>> for
>>>>>> internal redirects/requests", then you want
>>>>>> http://nginx.org/r/internal
>>>>>>
>>>>>> Cheers,
>>>>>>
>>>>>>         f
>>>>>> --
>>>>>> Francis Daly        francis at daoine.org
>>>>>> _______________________________________________
>>>>>> nginx mailing list
>>>>>> nginx at nginx.org
>>>>>> https://mailman.nginx.org/mailman/listinfo/nginx
>>>>>>
>>>>> _______________________________________________
>>>>> nginx mailing list
>>>>> nginx at nginx.org
>>>>> https://mailman.nginx.org/mailman/listinfo/nginx
>>>>>
>>>> --
>>>> Payam Tarverdyan Chychi
>>>> _______________________________________________
>>>> nginx mailing list
>>>> nginx at nginx.org
>>>> https://mailman.nginx.org/mailman/listinfo/nginx
>>>>
>>> _______________________________________________
>>> nginx mailing list
>>> nginx at nginx.org
>>> https://mailman.nginx.org/mailman/listinfo/nginx
>>>
>> --
>> Payam Tarverdyan Chychi
>> _______________________________________________
>> nginx mailing list
>> nginx at nginx.org
>> https://mailman.nginx.org/mailman/listinfo/nginx
>>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> https://mailman.nginx.org/mailman/listinfo/nginx
>
-- 
Payam Tarverdyan Chychi
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20230219/1e17bd63/attachment.htm>

More information about the nginx mailing list