internal
The internal directive marks a location as only accessible from within NGINX, preventing external clients from accessing it directly.
Description
The internal directive in NGINX is used within location blocks to define that the specified location can only be accessed internally by NGINX itself and not by external clients. This is particularly useful for securing certain resources or routes that should not be directly reachable by users, such as back-end scripts or internal APIs that might handle sensitive data. When a request is made to an internal location from an outside source, NGINX will respond with a 404 Not Found error, effectively blocking unauthorized access.
When the internal directive is applied to a location block, any attempt to access that block directly from the client side results in an error response, maintaining the integrity and security of the application. This behavior helps in structuring the application efficiently, enabling certain paths to be used exclusively for internal redirects, links, or locations that are 'hidden' from the end users, and can be combined with other directives such as rewrite or error_page to control what happens if unauthorized access is attempted.
The directive does not take any arguments, reflecting its on/off functionality (enabled when declared). It thus fits seamlessly into the typical NGINX configuration paradigm, where blocks can be clearly delineated for purpose and functionality. Proper usage of this directive can significantly enhance the security posture of applications hosted within NGINX, ensuring that only intended server-to-server communications take place through controlled endpoints.
Config Example
location /private {
internal;
# additional configurations
}Placing an internal directive inside nested locations may lead to unexpected behavior; ensure it's used in the correct logical context.
Remember that all internal requests need to be routed through configured error pages or redirects for user feedback.