Hello!

On Mon, Oct 20, 2014 at 09:37:51AM -0400, c0nw0nk wrote:

> Yeah sorry about that Maxim i don't actualy use the allow ip feature i
> accidently hashed out the #deny all; and this forum does not let us edit our
> posts.

This is because it's not a forum, it's a mailing list.

> Other than that the following that you posted.
>
> if ($request_method !~ ^(GET|HEAD|POST)$ ) {
> return 444;
> }
>
> For nginx itself this is not needed. Something like this may be
> useful if you are protecting your backends. See also limit_except
> which can be used on a per-location level:
>
> limit_except GET POST {
> deny all;
> }
>
> Did you intentionaly miss Head ?
> limit_except GET HEAD POST {
> deny all;
> }

Yes, see http://nginx.org/r/limit_except. HEAD is automatically
included if you specify GET.

> I dont see the benefit from using one to the other they both do the same
> thing.

The limit_except is expected to be slightly more efficient as
it'll use already parsed request method id instead of a regular
expression.

--
Maxim Dounin
http://nginx.org/

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx