On 13/06/14 15:14, 姚锟 wrote: > Hi Buddy, > I am a newer to Nginx world, now I have a project to link the varnish > HTTP server and nginx together, nginx is the back end. > > I want to allow the connections only by varnish, so I use deny all > ,this kind of stuff to archieve this. > > But if there is a way to compeletely forbid the connections, at > present, even the outside connections is forbidden, but I think it > still waste some resourses, "RETURN A 403 STATIC PAGE".. > > I will not use a iptables.. > If varnish and nginx are on the same machine, you could configure nginx listen to listen on loopback (127.0.0.1:8080 say) and varnish to connect to that ip:port. This will stop all external direct access to nginx.
I'm guessing you've some conditional check in nginx that's currently denying external access, you could look at the 444 return code. A quick google came up with <http://www.acloudtree.com/how-to-deny-hosts-using-nginx/> Steve. _______________________________________________ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx