nginx, Limit all .php except index.php, allow POST

Question

I'm trying to limit access to .php files through HTTP, allow only to index.php.

I should allow access to .php files only through POST and require.

I did the following:

    location ~ ^((?!index\.php).)*$ {   
        allow 127.0.0.1
        deny all;
    }

This blocks all files except index.php, however it blocks also POST queries..

Any ideas?

score 0 · Accepted Answer · answered Aug 24 '17 at 19:24

0

Locations apply to all requests types. Unfortunately the only way I can think to do this is using IF

location ~ ^((?!index\.php).)*$ {   
  if ($request_method = GET ) {
    allow 127.0.0.1
      deny all;
  }
}

answered Aug 24 '17 at 19:24

Tim

1 Answers1