问题
I want to secure some locations in nginx by supplying deny/allow directives, but I do not want outsider to know that a location is denied. I want outsider to get 404, not 403 http code. My configuration snippet is
location /admin/ {
uwsgi_pass myupstream1;
include /path/to/uwsgi_params;
allow 127.0.0.1;
deny all;
}
When I try to visit /admin/ nginx responds with HTTP 403, but I want it respond with HTTP 404. Any recipe for this?
回答1:
error_page 403 404 /404.html;
location = /404.html {
internal; #return 404
}
location /admin/ {
uwsgi_pass myupstream1;
include /path/to/uwsgi_params;
allow 127.0.0.1;
deny all;
}
The 'internal' returns 404 by default.
Adapted from this answer here
回答2:
A more elegant way is to create a custom error page. In that page instead of showing http error code, you can specify a custom message.
Name an error page
error_page 403 =404 /40X.html; location /admin/ { uwsgi_pass myupstream1; include /path/to/uwsgi_params; allow 127.0.0.1; deny all; } location /40X.html { root path/to/public; }
In your 40x.html you can write any message
<html> <body> The requested resource is not available </body> </html>
place this 40x.html in your path/to/public directory
回答3:
You can use "rewrite" instead of "deny all"
location /admin/ {
uwsgi_pass myupstream1;
include /path/to/uwsgi_params;
#allow 127.0.0.1;
#deny all;
rewrite ^/admin/(.*)$ /404.php?id=$1;
}
Put 404.php into the root of your domain (eg _http://127.0.0.1/404.php) or change "path/to/file/404.php?id=$1"
回答4:
return 404; will do what you want . Look bellow
location /admin/ {
uwsgi_pass myupstream1;
include /path/to/uwsgi_params;
allow 127.0.0.1;
deny all;
#Following line returns 404
return 404;
}
来源:https://stackoverflow.com/questions/26369128/how-to-deny-with-404-on-nginx