How do we hardcode the header size limits and timeout values in nginx source code ?. As I'm going to give my server to clients , so he don't want to see my configuration tweaks.
Asked
Active
Viewed 3,392 times
1 Answers
1
Perhaps rethink what you're trying to hide and why -- and how you expect your client to interact with the configuration you're providing. Header buffer sizes and timeouts aren't overly sensitive information; a well crafted HTTP request from the web could determine both fairly easily.
If the aim is to prevent your client seeing your configuration, consider simply restricting access based on file access rights or use include directives within Nginx to move your code outside of files that they'll be accessing directly.
For note, in order to actually hardcode these options into Nginx, you'd need to modify the Nginx source code, starting with aspects like the default configuration for client_header_buffer_size and large_client_header_buffers (see the lines of code where the defaults are defined in ngx_http_core_module.c and then adding additional code elsewhere that prevents these settings from being changed. The same applies for the timeout values. In short, this is a non-trivial rewrite to Nginx and likely be solved by something far less intensive.
davidjb
- 8,247
- 3
- 32
- 42