Answer the question
In order to leave comments, you need to log in
S
S
Sergey Kutylev2015-04-07 23:41:23
Sergey Kutylev, 2015-04-07 23:41:23
Is it possible to do such authorization in nginx?
There is a site that should be available in two versions:
1) there is a list of subnets from which the site can be opened via http and for this list of network addresses it is allow .
2) for all other http must be denied and must work out an automatic redirect to https and a request for a client s / mime certificate, if a person does not have a certificate in the store - a 403 error should be returned .
Actually what is the question. Is it possible to implement this in nginx ? Maybe with if ( $scheme or something like that?
1 answer(s)
@sakutylev
A
Andrey Burov, 2015-04-08 @sakutylev
server {
liseten example.org:80;
server_name example.org;
allow 127.0.0.1;
deny all;
error_page 403 https://example.org/;
#...
}
server {
liseten example.org:443 ssl;
server_name example.org;
ssl_verify_client on;
# и так далее....
}
Similar questions
L
U
P
E
H
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question