|
Size: 2452
Comment:
|
Size: 2014
Comment:
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 56: | Line 56: |
| * [[Nginx/RewritingAndReturning|RewritingAndReturning]] | * [[Nginx/RewritingAndReturning|Rewriting and Returning]] |
| Line 74: | Line 74: |
=== Restricting Access === To deny requests based on the URI, use a location block. {{{ location ~ ^\.ht { return 444; } }}} To deny requests based on the HTTP method, use a conditional statement. {{{ if ($request_method !~ ^(GET|HEAD|POST)$ ) { return 444; } }}} In all circumstances, conditional statements should be the last resort technique. They can be less than intuitive and difficult to debug. |
Nginx
nginx(8) is a web and proxy server written for modern workloads (chiefly multi-threading).
Contents
Installation
Most Linux and BSD distributions offer a nginx package.
On Ubuntu, to ensure all security patches have been applied, use the upstream PPA.
sudo add-apt-repository ppa:nginx/stable sudo apt update sudo apt install nginx
Containers
Docker container images are also available for the last two versions. The image is available from DockerHub as docker.io/library/nginx (or simply nginx when using docker(1) specifically).
Try:
docker run --detach --name my-nginx \ --mount type=bind,src=/path/to/web/root,dst=/usr/share/nginx/html,readonly \ --publish 127.0.0.1:8080:80 \ nginx:latest
Configuration
To check the configuration of nginx(8), run...
nginx -t
Syntax
Proxying
Advanced Configuration
Restricting Referrers
It is sometimes desirable to block referrals.
valid_referers none blocked server_names
~example\.com;
if ($invalid_referer) {
return 403;
}none matching missing referers ("-"), while blocked matches referers that have been deleted by a firewall.
Literal server names are given with a leading or trailing asterisk (*). Regular expressions are given with a leading tilde (~).