skip to Main Content

As I explained in title I want to restrict access unless the header is satisfied. In the given link, it is explained how to restrict a specific path access, however I couldn’t find anything about how to add conditions to this restriction from my researches. Any idea about this problem?

2

Answers


  1. Instead of deny/allow directives you can check any HTTP header value via $http_<name> variable and use return 403 to forbid access. For example, lets call our header X-Secret-Token:

    location /some/path {
        if ($http_x_secret_token != 'my-super-secret-password') {
            return 403; # HTTP 403 Forbidden, the same code as generated by 'deny' directive
        }
        ...
    }
    

    If you need some complex checks, you can use several chained map blocks (see the example).

    Login or Signup to reply.
  2. From the research I’ve made it seems like the token approach presented here before seems to be the only suitable solution, a similar question has been asked here.

    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search