On Fri, Jan 01, 2021 at 02:54:21AM -0500, Dr_tux wrote: Hi there,
> I'm stuck in this. I am open to your suggestions. Thank you. Untested by me, but... > I have a reverse proxy configuration as follows, I want to block exe > extensions for requests from here. But it doesn't work. How can I do that ? I would probably use "map" to set a variable $block_this_extension to 1 or empty based on whatever part of the url is relevant to you -- perhaps match the end of $request_filename; perhaps look at $request_uri or $document_uri. And then, if the "ok" IP addresses are easy to list in a "map", set a new variable $block_this_request based on $remote_addr to empty for the "ok" addresses, defaulting to $block_this_extension. And then just before the proxy_pass (or whatever you are trying to protect), if $block_this_request is 1 (or: is not empty), return the rejection code that you want. (If the "ok" IP addresses are not easy to list in a map, then "geo" can be used, but that becomes a little more fiddly, I think.) http://nginx.org/r/map Good luck with it, f -- Francis Daly fran...@daoine.org _______________________________________________ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx
