NGINX limit_except未工作

kq0g1dla  于 2022-11-02  发布在  Nginx
关注(0)|答案(1)|浏览(215)

我使用API访问测试了NGINX配置(使用方法除外)


# NGINX IP Is 10.250.11.16

log_format  20004  '$remote_addr - $remote_user [$time_local] "$request" '
                  '$status $body_bytes_sent "$http_referer" '
                  '"$http_user_agent" "$http_x_forwarded_for" '
                  '"$bytes_sent" "$request_length" "$request_time" '
                  '"$gzip_ratio" $server_protocol ';

server {
    satisfy all;
    listen 20004;
    status_zone server_APIAccess_MethodDeny_NGINXapi_20004;
    include /etc/nginx/api_conf.d/api_error.conf;
    error_page 404 = @400;         # Invalid paths are treated as bad requests
    proxy_intercept_errors on;     # Do not send backend errors to the client
    default_type application/json; # If no content-type then assume JSON

    location / {
        limit_except GET { 
            allow 10.250.11.16/32;
            allow 10.250.20.137/32;
            deny all;                            
        }
        add_header X-IP "$remote_addr" always;  # Tested Header 
        add_header X-Method "$request" always;  # Tested Header 
        access_log /var/log/nginx/access.log 20004;
        error_log /var/log/nginx/debug.log debug;       

        proxy_pass http://10.250.11.11/api/7/nginx;

    }

}

所有IP都允许GET方法(例如:客户端IP -10.250.11.12请求URL: curl -X获取10.250.11.16:20004)

  • 显示10.250.11.12客户端IP和200返回代码的访问日志IP已选中
3wabscal

3wabscal1#

根据nginx文档,limit_except GET会限制除GET和HEAD之外的所有方法,所以预计所有ip都能工作。

相关问题