On Thu, May 14, 2020 at 11:10:20AM -0700, PGNet Dev wrote:
Hi there,
> editing a general location match to exclude one, specific instance?
It is usually easier to use positive matches instead of negative ones.
> I've had a trivial 'protection' rule in place for a long time
>
> location ~*
> (gulpfile\.js|settings.php|readme|schema|htpasswd|password|config) {
> deny all;
> }
> 2020/05/12 22:16:39 [error] 57803#57803: *1 access forbidden by rule,
> client: 10.10.10.10, server: testapp.example1.com, request: "GET
> /api/configuration HTTP/2.0",
> I'd like to edit the match to PASS that^ logged match -- as
> specifically/uniquely as possible -- but CONTINUE to 'deny all' for all
> other/remaining matches on "config".
>
> How would that best be done? A preceding location match? Or editing the
> existing one?
A separate "location" that matches what you want and is "higher priority"
than the regex location that this request currently matches.
location = /api/configuration {
# do what you want, probably including proxy_pass
}
You could use "location ^~ /api/configuration", if you want to allow
anything with that prefix.
Good luck with it,
f
--
Francis Daly [email protected]
_______________________________________________
nginx mailing list
[email protected]
http://mailman.nginx.org/mailman/listinfo/nginx
