I would like to allow GET / POST / DELETE methods only. otherwise send 501 response. if ($request_method !~* ^(GET|DELETE|POST)$ ) { return 501 '{ "ver": "1.1.2", "txnid": "", "timestamp": "", "errorCode": "NotImplemented", "errorMsg": "Request Method is not implemented"}'; } I am using mixed casby sanjay9999 - Nginx Mailing List - English
Thanks for the update. I have already taken care to hide the "nginx". With CAPITAL letters, my testcase using "POSTSSS" for request_method, works fine.However, for mixed-case and small-case , nginx default rule applies and control does not reach my server block. hence I end up getting 400 error with "nginx" server name in html response.by sanjay9999 - Nginx Mailing List - English
Example used in testcase request method = "POSTsss" I would like to allow GET / POST / DELETE methods only. otherwise send 501 response. if ($request_method !~* ^(GET|DELETE|POST)$ ) { return 501 '{ "ver": "1.1.2", "txnid": "", "timestamp": "", "errorCode": "NotImplemented", "errorMsg": &quby sanjay9999 - Nginx Mailing List - English
Hi, I am using mixed case letters in request methods. nginx finalized http request to 400 becuase as per the standard Request Method is case sensitive. However it shows html response with last line showing "nginx". Our security team says "you should not disclose web server details in the response for a request" We have implemented solution to hide server name and versionby sanjay9999 - Nginx Mailing List - English