Hi, This is geoserver-users mailing list so you are a part of the team. I did see your mail but I did not quite understand what you were asking so I did not respond. I have never used nginx in front of Geoserver, but if your nginx requires that the URL begins like …/gis/geoserver/gwc/service/tms/1.0.0/, then WMS requests do not work. But I believe that you have tested that already http://localhost:8080/geoserver/gwc/service/tms/1.0.0?service=WMS&version=1.3.0&request=GetCapabilities
-Jukka Rahkonen- Lähettäjä: Kajal Shrawan Katoke via Geoserver-users <geoserver-users@lists.sourceforge.net> Lähetetty: keskiviikko 10. tammikuuta 2024 7.51 Vastaanottaja: geoserver-users@lists.sourceforge.net Kopio: CHANDRADEEP KUMAR <chandradeep.ku...@india.nec.com>; Madhu <mad...@india.nec.com> Aihe: Re: [Geoserver-users] Query regarding WMS service Hi Team, Gentle Reminder! Please provide your response for below query. As a temporary measure against WMS vulnerabilities, we using Nginx on the front end of geoserver to guard against requests other than the following patterns. ^/gis/geoserver/gwc/service/tms/1.0.0/ However, I am concerned about whether I can check all the URL patterns that call the WMS service in the GeoServer documentation to check if it is properly guarded. (This is because it is described as a calling example in various places in the document, so it is not possible to determine whether all patterns are described.) Therefore, I would like to confirm whether above nginx configurations prevents calls to the WMS service using URL patterns that we allow. [Query] Will this method of protection (nginx configuration shared in previous mail) make the WMS service unavailable? Thanks & regards, Kajal From: Kajal Shrawan Katoke Sent: 13 December 2023 09:07 To: 'geoserver-users@lists.sourceforge.net' <Geoserver-users@lists.sourceforge.net<mailto:Geoserver-users@lists.sourceforge.net>> Cc: CHANDRADEEP KUMAR <chandradeep.ku...@india.nec.com<mailto:chandradeep.ku...@india.nec.com>>; Madhu <mad...@india.nec.com<mailto:mad...@india.nec.com>> Subject: RE: Query regarding WMS service Hi Team, We missed some content of our query please find below: [Query] Will this method of protection (nginx configuration shared in previous mail) make the WMS service unavailable? Thanks & regards Kajal From: Kajal Shrawan Katoke Sent: 12 December 2023 11:49 To: 'geoserver-users@lists.sourceforge.net' <Geoserver-users@lists.sourceforge.net<mailto:Geoserver-users@lists.sourceforge.net>> Cc: CHANDRADEEP KUMAR <chandradeep.ku...@india.nec.com<mailto:chandradeep.ku...@india.nec.com>>; Madhu <mad...@india.nec.com<mailto:mad...@india.nec.com>> Subject: Query regarding WMS service Hi Team, As a temporary measure against WMS vulnerabilities, we using Nginx on the front end of geoserver to guard against requests other than the following patterns. ^/gis/geoserver/gwc/service/tms/1.0.0/ However, I am concerned about whether I can check all the URL patterns that call the WMS service in the GeoServer documentation to check if it is properly guarded. (This is because it is described as a calling example in various places in the document, so it is not possible to determine whether all patterns are described.) Therefore, I would like to confirm whether above nginx configurations prevents calls to the WMS service using URL patterns that we allow. Thanks & regards, Kajal The contents of this e-mail and any attachment(s) are confidential and intended for the named recipient(s) only. It shall not attach any liability on the originator or NEC Corporation India Private Limited or its affiliates. Any views or opinions presented in this email are solely those of the author and may not necessarily reflect the opinions of NEC Corporation India Private Limited or its affiliates. Any form of reproduction, dissemination, copying, disclosure, modification, distribution and / or publication of this message without the prior written consent of the author of this e-mail is strictly prohibited. If you have received this email in error please delete it and notify the sender immediately.
_______________________________________________ Geoserver-users mailing list Please make sure you read the following two resources before posting to this list: - Earning your support instead of buying it, but Ian Turton: http://www.ianturton.com/talks/foss4g.html#/ - The GeoServer user list posting guidelines: http://geoserver.org/comm/userlist-guidelines.html If you want to request a feature or an improvement, also see this: https://github.com/geoserver/geoserver/wiki/Successfully-requesting-and-integrating-new-features-and-improvements-in-GeoServer Geoserver-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/geoserver-users
