From 204457489d684724dd07d6c1cd3f4aa97f2eaf29 Mon Sep 17 00:00:00 2001
From: Anton Khirnov <anton@khirnov.net>
Date: Mon, 6 Apr 2020 15:41:42 +0200
Subject: nginx_config: make sure only GET is allowed on the downstream
 instance

---
 nginx_config | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/nginx_config b/nginx_config
index 8a70167..b18fb09 100644
--- a/nginx_config
+++ b/nginx_config
@@ -53,6 +53,10 @@ server {
     #ssl_certificate_key <path to TLS key>;
     #ssl_dhparam <path to DH params, optional>;
 
+    if ($request_method !~ ^(GET|HEAD)$) {
+        return 405; # Method Not Allowed
+    }
+
     root <path to site root>;
 
     index index.html;
-- 
cgit v1.2.3