This question has been flagged

Hi I have setup Odoo 10 behind an nginx reverse proxy as per Odoo 10.0 Documentation on a RHEL 7.2 Linux Server.

I want to restrict access to /web/database/manager and /web/database/selector which I have done with the following directives in the nginx.conf

location ~* /web/database/manager {

            deny all;
        }

This works and I get the expected 403 forbidden message when browsing to Manage Database, however if I try to make an exception for certain IP address with the following change, it returns a 404 Not Found message..

location ~* /web/database/manager {

             allow 123.123.123.123;
            deny all;
        }

When I look at the nginx error log I can see the following message:

2017/06/30 11:35:36 [error] 16467#0: *1 open() "/usr/share/nginx/html/web/database/manager" failed (2: No such file or directory), client: 123.123.123.123, server: myinternalhost.example.com, request: "GET /web/database/manager HTTP/1.1", host: "www.example.com", referrer: "https://www.example.com/web/database/selector"

The path /usr/share/nginx/html/web/database/manager obviously does not exist, but /usr/share/nginx/html/ is the root directive of my server in nginx. I have tried changing root to "/" but this just removes the reference to /usr/share/nginx/html/ from the message

I have found syntax of how this works using Apache here : http://antiun.github.io/odoo-reverse-proxy-howto/#slide-80  

but I have not found anything for nginx, other than generic examples which I have tried to apply above.

Any ideas?


Thanks,

Imran



Avatar
Discard
Best Answer

You need to do a proxy_pass inside where you allow, like so:

location ~* /web/database/manager {
    allow 123.123.123.123;
    deny all;
proxy_pass http://127.0.0.1:8069
}
Avatar
Discard