limit_except ignored
Maxim Khitrov
max at mxcrypt.com
Sun Aug 21 18:27:34 UTC 2016
On Sun, Aug 21, 2016 at 1:43 PM, Maxim Khitrov <max at mxcrypt.com> wrote:
> Hi,
>
> I'm running nginx v1.9.10 on OpenBSD with the following server definition:
>
> server {
> listen 80;
> server_name example.com;
> location / {
> deny all;
> limit_except POST {
> allow all;
> proxy_pass http://10.1.2.3;
> }
> proxy_set_header Host $host;
> }
> }
>
> To my surprise, all GET requests are allowed and are passed to the
> backend server. Is this a bug or am I doing something stupid? In the
> final configuration I want to only allow GET requests, but I'm
> limiting to POST for now to simplify testing.
>
> -Max
I got it working by swapping 'allow' and 'deny' directives and moving
proxy_pass out of limit_except. I was just confused by the
documentation for limit_except. Sorry for the noise.
More information about the nginx
mailing list