Welcome! Log In Create A New Profile

limit_except - require trusted ip AND auth vs. ip OR auth

Forum List Message List New Topic Print View

Matthias Müller

June 18, 2019 10:42AM

I would like to constrain HTTP access (PUT, POST) to an NGINX server
for specific locations.

There are two cases:

1) Permit POST, PUT if the request matches a trusted IP address OR
Basic auth credentials (either-or)
2) Permit POST, PUT if the request matches a trusted IP address AND
Basic auth credentials (must match both)

The configuration for (2) is appended. But how can I achieve (1)? It
seems that "satisfy any" cannot be included with "limit_except".

-Matthias

Config example case (2):

location / {
...
}

location /a {
# deny everything but GET/HEAD and OPTIONS
limit_except GET HEAD OPTIONS {
allow 127.0.0.1;
allow 172.0.0.0/8;
allow 141.30.27.36;
auth_basic 'Restricted';
auth_basic_user_file /etc/nginx/.htpasswd;
deny all;
}
...
}

location /b {
...
}

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Reply Quote

RSS

Subject	Author	Posted
limit_except - require trusted ip AND auth vs. ip OR auth	Matthias Müller	June 18, 2019 10:42AM
Re: limit_except - require trusted ip AND auth vs. ip OR auth	Patrick	June 18, 2019 11:04PM
Re: limit_except - require trusted ip AND auth vs. ip OR auth	Patrick	June 18, 2019 11:14PM
Re: limit_except - require trusted ip AND auth vs. ip OR auth	Maxim Dounin	June 19, 2019 08:34AM
Re: limit_except - require trusted ip AND auth vs. ip OR auth	Matthias Müller	June 21, 2019 03:30AM