How could I forbid outside visits without response 403

Hi Buddy,
I am a newer to Nginx world, now I have a project to link the varnish
HTTP server and nginx together, nginx is the back end.

I want to allow the connections only by varnish, so I use deny all ,this
kind of stuff to archieve this.

But if there is a way to compeletely forbid the connections, at present,
even the outside connections is forbidden, but I think it still waste
some resourses, “RETURN A 403 STATIC PAGE”…

I will not use a iptables…

Thank you everyone !!!

I would appreciate very much…

What you describe is by design the job of firewalls… in your case
dropping unwanted connections rather that rejecting them.

1 tool = 1 task

B. R.

On 13 Jun 2014 15:15, “姚锟” [email protected] wrote:

I think it still waste some resourses, “RETURN A 403 STATIC PAGE”…

I think you’re probably wrong. You’re almost certainly prematurely
optimising the wrong thing. Just 403 the unwanted requests and move on
with
your job/life/project.

I mean this sincerely,
J

On 13/06/14 15:14, 姚锟 wrote:

I will not use a iptables…

If varnish and nginx are on the same machine, you could configure nginx
listen to listen on loopback (127.0.0.1:8080 say) and varnish to connect
to that ip:port. This will stop all external direct access to nginx.

I’m guessing you’ve some conditional check in nginx that’s currently
denying external access, you could look at the 444 return code. A quick
google came up with
http://www.acloudtree.com/how-to-deny-hosts-using-nginx/

Steve.