Nginx: allow access to admin ONLY if the request has a secret header. Do this without the if-evil case.

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

Nginx: allow access to admin ONLY if the request has a secret header. Do this without the if-evil case.

Quintin Par
My website’s being hit hard and I am trying to see if I can limit this at the load balancer (Nginx) level by cutting off requests that don’t have a special header.

I’ve seen some solutions that involve the if statement, notably


Can someone help me with a solution that does NOT involve using an if statement?

- Quintin

_______________________________________________
nginx mailing list
[hidden email]
http://mailman.nginx.org/mailman/listinfo/nginx
Reply | Threaded
Open this post in threaded view
|

Re: Nginx: allow access to admin ONLY if the request has a secret header. Do this without the if-evil case.

Aleksandar Lazic
On 28/05/2018 07:16, Quintin Par wrote:

>My website’s being hit hard and I am trying to see if I can limit this at
>the load balancer (Nginx) level by cutting off requests that don’t have a
>special header.
>
>I’ve seen some solutions that involve the if statement, notably
>
>https://stackoverflow.com/questions/18970620/nginx-reject-request-if-header-is-not-present-or-wrong
>
>
>Can someone help me with a solution that does NOT involve using an if
>statement?

What's wrong with if in your use case.

The solution with the map looks okay to me.

>- Quintin

Best regards
aleks

>_______________________________________________
>nginx mailing list
>[hidden email]
>http://mailman.nginx.org/mailman/listinfo/nginx

_______________________________________________
nginx mailing list
[hidden email]
http://mailman.nginx.org/mailman/listinfo/nginx
Reply | Threaded
Open this post in threaded view
|

Re: Nginx: allow access to admin ONLY if the request has a secret header. Do this without the if-evil case.

Quintin Par

Thank you for validating. I was not sure if the “if” here was a good use.



- Quintin

On Mon, May 28, 2018 at 9:28 AM, Aleksandar Lazic <[hidden email]> wrote:
On 28/05/2018 07:16, Quintin Par wrote:
My website’s being hit hard and I am trying to see if I can limit this at
the load balancer (Nginx) level by cutting off requests that don’t have a
special header.

I’ve seen some solutions that involve the if statement, notably

https://stackoverflow.com/questions/18970620/nginx-reject-request-if-header-is-not-present-or-wrong


Can someone help me with a solution that does NOT involve using an if
statement?

What's wrong with if in your use case.

The solution with the map looks okay to me.

- Quintin

Best regards
aleks

_______________________________________________
nginx mailing list
[hidden email]
http://mailman.nginx.org/mailman/listinfo/nginx

_______________________________________________
nginx mailing list
[hidden email]
http://mailman.nginx.org/mailman/listinfo/nginx


_______________________________________________
nginx mailing list
[hidden email]
http://mailman.nginx.org/mailman/listinfo/nginx