Welcome! Log In Create A New Profile

Advanced

Re: Limit Available Methods

Previous Message Next Message
Forum List Message List New Topic Print View
Maxim Dounin
March 01, 2012 06:04AM
Hello!

On Thu, Mar 01, 2012 at 05:18:48AM -0500, kamalakarv wrote:

> Want to limit OPTIONS and TRACE method from nginx server
>
> Referred following post( section #11)
> Disable certain HTTP methods at global level, below article will help
> us to restrict at server block level
> *
> http://www.cyberciti.biz/tips/linux-unix-bsd-nginx-webserver-security.html
>
> We want to disable at global level because our configuration consist of
> so many server blocks

The TRACE method is always rejected with 405 since nginx 0.5.17.

To disable other methods like OPTIONS (which currently isn't
handled by nginx, but may be proxy_pass'ed somewhere else) you
have to use either rewrite checks like in the article above or the
"limit_expect" directive (http://nginx.org/r/limit_except). This
isn't possible at global level, though you may use the "include"
directive (http://nginx.org/r/include) to include common
configuration block into all servers.

Maxim Dounin

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Reply Quote
RSS
Subject Author Posted

Limit Available Methods

kamalakarv March 01, 2012 05:18AM

Re: Limit Available Methods

Sergey A. Osokin March 01, 2012 05:40AM

Re: Limit Available Methods

Maxim Dounin March 01, 2012 06:04AM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 239
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready