proxy_store_access
The `proxy_store_access` directive controls access permissions for storing files in a proxied setup in NGINX. — NGINX HTTP Core
Описание
The `proxy_store_access` directive is crucial when configuring NGINX's proxying capabilities, especially when caching or storing responses from upstream servers. This directive can specify what access control settings apply to stored files, which can include permissions for the user, group, and other entities. By allowing only specific users to access the cached content, it ensures a refined and controlled environment, essential for security and operation efficiency. You can define the access settings using one to three parameters: the first for the user permission, the second for the group permission, and the third for the other users. Each parameter accepts a string indicative of the permission level, affecting how NGINX enforces access to stored content. This way, if a file is saved via `proxy_store`, its accessibility can be dictated by the `proxy_store_access` settings, preventing unauthorized access to crucial or sensitive files. This directive can be placed in `http`, `server`, or `location` contexts, making it versatile within the configuration file. It's not just about controlling access post-storage, but also about shaping how resources are shared within proxied responses, ultimately influencing the integrity and security of your server's operation.
Пример конфига
location /download {
proxy_pass http://backend;
proxy_store on;
proxy_store_access user:group:r;
}Ensure the correct permissions are set to avoid inadvertently exposing sensitive data.
Inconsistent behavior may occur if the access controls conflict with filesystem permissions.
Remember to restart NGINX after making changes to the configuration to apply new settings.