我有一个应用程序将使用GET& POST方法.为了更好的安全性,我已将Nginx配置为仅使用POST请求来服务页面.下面是我在Nginx中使用的配置.
在Nginx中配置:
if($request_method!〜^(POST)$){
返回404; }
这很完美.
现在,我想改变Nginx中的上述配置,以便同时使用GET和amp; POST请求.但是,我无法做到.
我使用了很多组合,但没有运气.
有人可以帮我配置相同的Nginx.
注意:我使用Nginx(在前端)作为web服务器和apache(在后端)用于服务应用程序.我已经配置了Nginx来成功地将请求的网页重定向到apache.
#user nobody;worker_processes 1;#error_log logs/error.log;#error_log logs/error.log notice;#error_log logs/error.log info;#pid logs/Nginx.pid;events {worker_connections 1024;}http {include mime.types;default_type application/octet-stream;#log_format main '$remote_addr - $remote_user [$time_local] "$request" '# '$status $body_bytes_sent "$http_referer" '# '"$http_user_agent" "$http_x_forwarded_for"';#access_log logs/access.log main;sendfile on;#tcp_nopush on;#keepalive_timeout 0;keepalive_timeout 65;#gzip on;server {listen 8081;server_name localhost;#charset koi8-r;access_log /logs/host.access.log;location /WebGoat {#root html;#index index.html index.htm;proxy_pass http://localhost:8080/WebGoat/;}location /application { ##sample project#root html;#index index.html index.htm;if ($request_method !~ ^(POST)$){return 404;}proxy_pass http://localhost:8080/application/;}location ~ ^register\.html {##register.html page should be served with GET & POST requestsif ($request_method !~ ^(GET|POST)$){return 500;}}#error_page 404 /404.html;# redirect server error pages to the static page /50x.html#error_page 500 502 503 504 /50x.html;location = /50x.html {root html;}# proxy the PHP scripts to Apache listening on 127.0.0.1:80##location ~ \.PHP${# proxy_pass http://127.0.0.1;#}# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000##location ~ \.PHP${# root html;# fastcgi_pass 127.0.0.1:9000;# fastcgi_index index.PHP;# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;# include fastcgi_params;#}# deny access to .htaccess files,if Apache's document root# concurs with Nginx's one##location ~ /\.ht {# deny all;#}}# another virtual host using mix of IP-,name-,and port-based configuration##server {# listen 8000;# listen somename:8080;# server_name somename alias another.alias;# location / {# root html;# index index.html index.htm;# }#}# HTTPS server##server {# listen 443;# server_name localhost;# ssl on;# ssl_certificate cert.pem;# ssl_certificate_key cert.key;# ssl_session_timeout 5m;# ssl_protocols SSLv2 SSLv3 TLSv1;# ssl_ciphers HIGH:!aNULL:!MD5;# ssl_prefer_server_ciphers on;# location / {# root html;# index index.html index.htm;# }#}}
提前致谢,
桑迪普
最佳答案
我会写这样的东西:
location /application {proxy_pass http://
变化:
>几乎没有理由写limit_except GET POST. A认为禁止对这些地址的OPTIONS请求对您来说很重要.
>你真的想要像/ APPLICATION / Pd /这样的网址吗?我不这么认为,我已经改变了〜*〜.
>从proxy_pass中删除了路径部分,因此Nginx将代理原始路径.
>删除了指定位置.
