HTTP PUT DELETE PATH for single domain

CCM

New member
Joined
Aug 19, 2018
Messages
1
Hi,

I run into a challenge. I would like to have the http_methods=GET:HEAD:pOST:pUT:DELETE:pATCH working, but only for a selected single domain.
I now have it working as global by editing /usr/local/directadmin/custombuild/options.conf.
But this means that all user can use it and I would like to limit that to only selected domains.

What we already tried is to go to ADMIN > CUSTOM HTTPD > Select the proper domain and add the following code to CUSTOM3:

Code:
<Limit GET POST OPTIONS PROPFIND PUT DELETE PATCH>
 Order allow,deny
 Allow from all
</Limit>
<LimitExcept GET POST OPTIONS PROPFIND PUT DELETE PATCH>
 Order deny,allow
 Deny from all
</LimitExcept>

It accepts the code, but somehow it won't work voor the selected domain.
What is a correct and save method to get this to work, so I can can disable it in the global code.
Thanx!
 
Hello,

Try and use:


Code:
AllowMethods GET POST OPTIONS PROPFIND PUT DELETE PATCH

in CUSTOM3 for your domain.

p.s. make sure you don't have nginx in front of Apache.
 
Hello Alex,

Any way to accomplish this (for a specific domain) if I do have nginx in front of Apache?

Thanks in advance,

Isaias
 
It is possible, there is much more customization is required on NGINX part. A road-map can be as the following:

With NGINX the limits are set in

```
/etc/nginx/webapps.conf
/etc/nginx/webapps.ssl.conf
```

and I believe with the default templates you can not change allowed methods on per domain bases.

You need to move the block:

Code:
        if ($request_method !~ ^(GET|HEAD|POST|OPTIONS)$ ) {
                return 444;
        }

from the mentioned files (using directadmin style to protect files from being overwritten) to the main nginx template....

And follow the post #2 to update limits for Apache.
 
Thank you, Alex.
I managed to get it working. However, didn't get how to create the exception in in nginx part. I mean, could not eliminate the block only for the desired domain. Will continue looking at that.
Best regards,
Isaias
 
You should remove the block

Code:
        if ($request_method !~ ^(GET|HEAD|POST|OPTIONS)$ ) {
                return 444;
        }

from the following files:

- /etc/nginx/webapps.conf
- /etc/nginx/webapps.ssl.conf

(copy modified files into /usr/local/directadmin/custombuild/custom/nginx_reverse/conf/ afterwards, create the directory if it's missing).

Update the nginx templates

- nginx_server.conf
- nginx_server_secure.conf
- nginx_server_secure_sub.conf
- nginx_server_sub.conf



copied from /usr/local/directadmin/data/templates/ to /usr/local/directadmin/data/templates/custom/, something like:

- add

Code:
|?if LIMIT_REQUEST_METHOD=1|

at the very top of the files nginx_server.conf, nginx_server_secure.conf, nginx_server_secure_sub.conf, nginx_server_sub.conf

- add

Code:
|*if LIMIT_REQUEST_METHOD="1"|
        if ($request_method !~ ^(GET|HEAD|POST|OPTIONS)$ ) {
                return 444;
        }
|*endif|

after line

Code:
include /etc/nginx/webapps.conf;

of the same 4 files.

Execute

Code:
/usr/local/directadmin/custombuild/build rewrite_confs

if nginx fails to start afterwards due to a typo, run nginx -t to see why, and fix it.


Then go to Directadmin as Admin, go to Custom HTTPD Configurations and click nginx proxy in a line with your domain, then add

Code:
|?if LIMIT_REQUEST_METHOD=0|

at the CUSTOM section, textarea opened by default and save changes. It should disable the limit for your domain in NGINX. The other domains should still have the limits.
 
Back
Top