gwire/nginx_405.md

Last active June 14, 2023 21:19

Star () You must be signed in to star a gist
Fork () You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/gwire/02452d28b9c9079619aca22b8ccbdee8.js"></script>
Save gwire/02452d28b9c9079619aca22b8ccbdee8 to your computer and use it in GitHub Desktop.

Download ZIP

Generating 405 responses in nginx

Raw

nginx_405.md

I have a site where there is no legitmate use of the HTTP POST method (or anything other than GET/HEAD).

limit_except is usually used for method restriction, but only produces 403 responses, not 405. There's a Stack Overflow question that notes this. There's a 2015 blog post that suggests something like the following (which I needed to modify to get the Allow: header to appear):

server {
  ### regular config

  location @error405 {
    add_header Allow "GET, HEAD" always;
    return 405;
  }
  error_page 405 @error405;
        
  location / {
    if ( $request_method !~ ^(GET|HEAD)$ ) {
      return 405;
    }
    
    ### regular config
  }
}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment