http-access-control #

A custom Nginx module for advanced access control based on variables.

Source: upstream source

Directives

access #

syntax: access [allow|deny] variable;  ·  default: -  ·  context: http, server, location

The access directive defines an access control rule based on a variable. The variable is evaluated at runtime, and if it is non-empty and not zero, the rule is considered matched. The allow parameter allows access if the condition is met. The allowed request will no longer match the remaining access control rules.

access_deny_status #

syntax: access_deny_status code;  ·  default: access_deny_status 403;  ·  context: http, server, location

Sets the HTTP status code to return in response when access is denied by a deny rule.

access_inherit #

syntax: access_inherit 1 arg (enum);  ·  context: http, server, location

Pick one of an enumerated set of values.

Example

server {
    listen 80;
    server_name example.com;

    # Allow access if $var2 is non-empty and not zero. The allowed request will no longer match the remaining access control rules.
    access allow $var1;

    # Deny access if $var1 is non-empty and not zero
    access deny $var2;

    location / {
        # Your other configurations
    }

    location /restricted {
        # Override deny status code
        access_deny_status 404;

        # Deny access if $var3 is non-empty and not zero
        access deny $var3;
    }
}

↑ back to index