How to establish secure connection between NGINX <-> https upstream API

2020-03-12 Thread satscreate
Using below config, According to this, https://docs.nginx.com/nginx/admin-guide/security-controls/securing-http-traffic-upstream/# server { listen 80; server_name nginx_server_name; #... upstream dev { zone dev 64k; server backend.example.com:443; } locati

Re: Prevent direct access to files but allow download from site

2020-03-12 Thread Ralph Seichter
* MAXMAXarena: > The user MUST BE ABLE to download the file from the article pages when > LOGGED. If the user is NOT LOGGED, he cannot download the file, > therefore even recovering the url, he must receive an error or any > other type of block. You describe restricted access, not public access.

RE: Prevent direct access to files but allow download from site

2020-03-12 Thread Reinis Rozitis
> The user MUST BE ABLE to download the file from the article pages when > LOGGED. > If the user is NOT LOGGED, he cannot download the file, therefore even > recovering the url, he must receive an error or any other type of block. It's rather difficult to achieve that only with a webserver (as typ

Re: Elasticsearch Native Binary Protocol through NGiNX Stream

2020-03-12 Thread j94305
I assume Liferay is throwing exceptions. Are these timeouts or indications of broken connections? A typical problem with the Elasticsearch Native Protocol is that it does not like third-party tear-downs of connections it uses (e.g., by NGINX or some load balancer). Posted at Nginx Forum: https:/

Re: Prevent direct access to files but allow download from site

2020-03-12 Thread j94305
The key requirement you mentioned now: the user needs to be logged in. So, the next question is: how do we know the user is logged in. It can't be just a simple cookie because that could be faked (I could add "LOGGED_IN=1" without the site authorizing this), and therefore there is no security at a

Unit 1.16.0 release

2020-03-12 Thread Valentin V. Bartenev
Hi, I'm glad to announce a new release of NGINX Unit. --- To all Unit package maintainers: please don't miss the new '--tmp' configure option. It specifies the directory where the Unit daemon stores temporary files (i.e. large reque

Re: Prevent direct access to files but allow download from site

2020-03-12 Thread MAXMAXarena
Hi, thanks again for the reply. HOW I want to block I don't know, I am on this forum for this reason. I thought I was clear, I don't know how to explain it in different words. I want to prevent the user from downloading the file without being logged on my site. The user MUST BE ABLE to download t

Re: Prevent direct access to files but allow download from site

2020-03-12 Thread J.R.
Without you being more specific on HOW you want to block direct downloads and how extreme you want to prevent it, then it's all just a wild guess what kind of solution you want. From the example link you gave for stackoverflow, it sounds like you just want to prevent hotlinking (i.e. downloading

Re: Prevent direct access to files but allow download from site

2020-03-12 Thread MAXMAXarena
j94305 Wrote: --- > 2. You use a session context: whenever a page validly serving a link > to a certain content is delivered, you set a cookie. Retrievals to > files require the cookie to be present. No cookie, no access. > > Cheers, > --j. Hi,

Re: Prevent direct access to files but allow download from site

2020-03-12 Thread MAXMAXarena
Thanks for all this information, I try to study and apply what you told me. Posted at Nginx Forum: https://forum.nginx.org/read.php?2,287297,287313#msg-287313 ___ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx

Re: Prevent direct access to files but allow download from site

2020-03-12 Thread MAXMAXarena
Hi, thank you for your help, but as I said, being an expert, I have difficulty understanding certain things. If you know how to solve my problem, a small example would help me. Posted at Nginx Forum: https://forum.nginx.org/read.php?2,287297,287312#msg-287312