'nginx - allow GET for all and allow DELETE only for certain IP in the same location block

I'm struggling on setting up restrictions by request method in the nginx location block. I want to allow GET for everyone, however I want to allow DELETE as well but for certain IP addresses / CIDR only. How can I achieve this?

I tried with this, but that seems do not work as expected:

location /data {

  if ($request_method !~ ^(DELETE|GET) {
     return 405;
  }

  limit_except GET {
     allow all;
  }

  allow 10.10.10.0/24;
  allow 127.0.0.1;
  deny all;
}
nginxlocation


Solution 1:[1]

I think I solved it. I misinterpreted limit_except directive.

This is what worked for me:

limit_except GET {
  allow 10.10.10.0/24;
  allow 127.0.0.1;
  deny all;
}

So, what this actually says is allow GET for all and limit access to other methods for all except for specified IPs.

Directive in if clause is ignored. Other methods are controlled by backend application.

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 Zlatko Treš?ec

Related Questions

Nginx getting the event "ngx_master_****" was not signaled for 5s

Valid characters in nginx upstream name

Nginx proxy_pass with $remote_addr

Nginx the event was not signaled for 5s

how to serve static files through nginx and django in windows

The Streamlit app stops with "Please wait... " and then stops

The Streamlit app stops with "Please wait... " and then stops

Express and nginx net::ERR_CONTENT_LENGTH_MISMATCH

Express and nginx net::ERR_CONTENT_LENGTH_MISMATCH

Locate the nginx.conf file my nginx is actually using

Angular SPA with Custom --base-href and Nginx Routing

What does "trust proxy" actually do in express.js, and do I need to use it?

Nginx ingress controller not giving metrics for prometheus

(13: Permission denied) while connecting to upstream:[nginx]

Ubuntu Nginx/Laravel 500 Internal Server Error