I use nginx as my reverse proxy server to fetch image from the file server, which is also a web server.
It works well. but I want add permission check based on the url before send request to my file server. If has permission, just forwarding to my file server, or else just return 404.
BTW, I can't add the check in my file server for some reason.
I think I got the answer.
The module "http_auth_request_module" is what I want. https://www.nginx.com/resources/admin-guide/restricting-access-auth-request/
Related
I am using the wordpress API to delete posts externally
however when running a delete request it returns a 403 with the error log as follows:
[authz_core:error] ... client denied by server configuration
All other request types work.
All I need to do is find the location of the server configuration file responsible for blocking delete requests which all research around delete requests causing this error has not been able to provide.
The server is a centos server,
I have checked the vhost configs and apache configs and all are clear to not be blocking request types.
Some insight on where this block will be taking place would be appreciated.
When we send an HTTP request to a web server as to load a web page e.g. http://wwww.nothing_is_here.com, what exactly the server does as to serve our request? Till now, I thought the server was looking to find a file named index (index.html, index.php) which should have HTML content and send it back to our browser. Now, I know this is not always the case. For example, in ASP .NET where we apply routing, home/index path is added to the URL by default as for our app to be routed. That's I cannot understand is how exactly the server acts upon a similar situation. Why it does not return an error message in case there is no index file, how it knows it has to apply routing rules? How can we instruct the server what to do in either case?
What the server does when it receives a request for the root (which is what it will receive in your example), is up to the server configuration. It is not within the control of the client making the request.
The server will be configured to have a default document (file name) in such cases, which is often index.html, but equally could be any file set by the administrator of the server.
The server will often be configured to recognise different hosts (e.g. if it's serving multiple sites on the same interface:port. These different sites will often have different configuration about what the default file name(s) is/are (if any). In some cases the server is configured to display a directory listing of a server-configured site root folder.
As part of an imageprocessing module I accept urls in the following format in order to process and cache externally hosted images.
http://localhost:56639/remote.axd/http://ipcache.blob.core.windows.net/source/IMG_0671.JPG?width=400&filter=comic
After processing the file, if I use Response.Redirect(url, false) to redirect the server to a valid external cache url, the server returns a 404 error response citing the StaticFileHandler as the source of the error.
If the file comes from a local source something like.
http://localhost:56639/IMG_0671.JPG?width=400&filter=comic
The server redirects to the external url without issue. Can someone explain why and provide a solution?
Note: remote.axd does nothing other than allow the local server to intercept the external url. I use the .axd extension as it isn't mapped to route by default in MVC.
I've noticed that when looking at the request path the http:// segment is replaced with http:/. I don't know whether that causes an issue.
So the reference to StaticFileHandler is the clue.
Following the actions of my HttpModule the handler is attempting to process the request. When a locally cached file is used this finds the file and all is ok. Since I am redirecting to a remote url and have a remote source the handler is finding nothing and throwing a 404 exception.
Further processing of the request has to be halted following a rewrite using the following method.
HttpApplication.CompleteRequest
User uses input(type="file") to upload file on server
req.files.avatar to access file on server side
How can I send this file (req.files.avatar) by HTTP POST method (name="avatar") to another server. I don't want to store it before sending.
I think what your looking for is;
https://github.com/nodejitsu/node-http-proxy
Am trying to use asterisk by posting via http to get the peers, and i keep getting permission denied and then the remote server is not accessible or disconnected, though the login action is working fine and the manager.conf persimission is set correct to allow read and write.
Here is the request:
http://[ServerName]:8088/asterisk/mxml?action=Sippeers&actionid=SipPeersAction&SuppressEvents=True
I found the problem. It turns out that one of the extensions/trunks set inside the SIP file is causing reading the peers to crash, so the users is disconnected, and that's why you get permission denied afterward. So first comment all the extensions inside the sip file then try to run the sippeers actions, make sure it works, then start enabling extension gradually until you identify the extension that is causing the problem.
May be you are using a custom code (http client) instead of browser and your client is not handling cookies properly! after the login request you must get cookie from asterisk response and save it for further use.
read more about ajam here
http://www.voip-info.org/wiki/index.php?page_id=3578
and here is php based example that how to use cookies in custom request (http client)
http://coderscult.com/php/php-curl/2008/05/20/php-curl-cookies-example/