Welcome! Log In Create A New Profile

Advanced

Re: Nginx Security Hardening and Rules

Maxim Dounin
October 20, 2014 09:46AM
Hello!

On Mon, Oct 20, 2014 at 09:37:51AM -0400, c0nw0nk wrote:

> Yeah sorry about that Maxim i don't actualy use the allow ip feature i
> accidently hashed out the #deny all; and this forum does not let us edit our
> posts.

This is because it's not a forum, it's a mailing list.

> Other than that the following that you posted.
>
> if ($request_method !~ ^(GET|HEAD|POST)$ ) {
> return 444;
> }
>
> For nginx itself this is not needed. Something like this may be
> useful if you are protecting your backends. See also limit_except
> which can be used on a per-location level:
>
> limit_except GET POST {
> deny all;
> }
>
> Did you intentionaly miss Head ?
> limit_except GET HEAD POST {
> deny all;
> }

Yes, see http://nginx.org/r/limit_except. HEAD is automatically
included if you specify GET.

> I dont see the benefit from using one to the other they both do the same
> thing.

The limit_except is expected to be slightly more efficient as
it'll use already parsed request method id instead of a regular
expression.

--
Maxim Dounin
http://nginx.org/

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Subject Author Posted

Nginx Security Hardening and Rules

c0nw0nk October 18, 2014 10:51PM

Re: Nginx Security Hardening and Rules

c0nw0nk October 18, 2014 11:21PM

Re: Nginx Security Hardening and Rules

mex October 19, 2014 11:00AM

Re: Nginx Security Hardening and Rules

c0nw0nk October 19, 2014 12:14PM

Re: Nginx Security Hardening and Rules

mex October 19, 2014 12:57PM

Re: Nginx Security Hardening and Rules

itpp2012 October 19, 2014 01:31PM

Re: Nginx Security Hardening and Rules

c0nw0nk October 19, 2014 01:47PM

Re: Nginx Security Hardening and Rules

sarahnovotny October 19, 2014 12:22PM

Re: Nginx Security Hardening and Rules

Maxim Dounin October 20, 2014 01:48AM

Re: Nginx Security Hardening and Rules

c0nw0nk October 20, 2014 09:37AM

Re: Nginx Security Hardening and Rules

c0nw0nk October 20, 2014 09:42AM

Re: Nginx Security Hardening and Rules

Maxim Dounin October 20, 2014 09:46AM

Re: Nginx Security Hardening and Rules

Stefanita Rares Dumitrescu October 20, 2014 01:26PM

Re: Nginx Security Hardening and Rules

mex October 20, 2014 02:13PM

Re: Nginx Security Hardening and Rules

Maxim Dounin October 20, 2014 02:24PM

Re: Nginx Security Hardening and Rules

c0nw0nk October 21, 2014 09:16AM

Re: Nginx Security Hardening and Rules

itpp2012 October 21, 2014 10:47AM

Re: Nginx Security Hardening and Rules

c0nw0nk October 21, 2014 02:01PM

Re: Nginx Security Hardening and Rules

c0nw0nk October 23, 2014 11:43AM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 102
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready