On Mon, Feb 05, 2018 at 11:56:04PM +0530, Kaushal Shriyan wrote: Hi there,
> When i run this curl call -> curl -X GET http://13.127.165.226/ -H > 'cache-control: no-cache' -H 'postman-token: > 2494a4a7-6791-2426-cedf-d0bcaa1cd90a' -H 'x-forwarded-for: 12.12.12.13.11' > > Ideally the request should not be allowed and the access log should report > 403 instead of 200 Why should it not be allowed? What IP address are you making the request from? > I get 200 OK in the access.log > > location / { > proxy_set_header X-Forwarded-For $remote_addr; > allow 182.76.214.126/32; > allow 116.75.80.47/32; > deny all; > error_page 404 /404.html; > location = /40x.html { > } > > Please let me know if i am missing anything. Your config fragment is incomplete. But when I use something similar, I get the expected http 200 from an address in the "allow" list, and the expected http 403 from an address not in the "allow" list. The output of "nginx -V" might be interesting, in case you are using a version that has broken allow/deny handling. f -- Francis Daly fran...@daoine.org _______________________________________________ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx
