How to Check HTTP Version in NGINX Configuration and Return 401 Unauthorized

Описание: Learn how to effectively check the HTTP version of incoming requests in your NGINX configuration to return a `401 Unauthorized` error when the version is invalid or unsupported.
---
This video is based on the question https://stackoverflow.com/q/64622373/ asked by the user 'Jerald Baker' ( https://stackoverflow.com/u/9578985/ ) and on the answer https://stackoverflow.com/a/64660704/ provided by the user 'Jerald Baker' ( https://stackoverflow.com/u/9578985/ ) at 'Stack Overflow' website. Thanks to these great users and Stackexchange community for their contributions.

Visit these links for original content and any more details, such as alternate solutions, latest updates/developments on topic, comments, revision history etc. For example, the original title of the Question was: NGINX get http version of request in location

Also, Content (except music) licensed under CC BY-SA https://meta.stackexchange.com/help/l...
The original Question post is licensed under the 'CC BY-SA 4.0' ( https://creativecommons.org/licenses/... ) license, and the original Answer post is licensed under the 'CC BY-SA 4.0' ( https://creativecommons.org/licenses/... ) license.

If anything seems off to you, please feel free to write me at vlogize [AT] gmail [DOT] com.
---
How to Check HTTP Version in NGINX Configuration and Return 401 Unauthorized

When configuring your NGINX server, you might encounter situations where you need to check the HTTP version of incoming requests. For example, you may want to reject requests that use older or unsupported versions, returning a 401 Unauthorized error. This guide will guide you through achieving this using an effective NGINX configuration.

The Problem

You want to ensure that your NGINX server only processes requests that meet certain HTTP version criteria. Specifically, you want to return a 401 response when:

The request's HTTP version is not present.

The request's HTTP version is anything lower than 1.1.

To achieve this, we need a way to inspect the HTTP version in NGINX and handle it appropriately.

The Solution

Instead of using simple condition checks as shown in the initial question, we’ll implement an efficient solution that utilizes NGINX's map directive. This approach will categorize the HTTP versions and then validate them within a server block. Here’s how to do it:

Step 1: Setting Up the Map

The map directive allows you to create variables based on conditions. In this case, you can map the $server_protocol variable (which represents the HTTP version of the request) to a new variable called $httpVersion. Here’s how to define it:

[[See Video to Reveal this Text or Code Snippet]]

Step 2: Configuring the Location Block

After mapping the HTTP versions, you need to check the $httpVersion variable within your location block to determine if the request is coming from a valid HTTP version:

[[See Video to Reveal this Text or Code Snippet]]

Step 3: Complete Server Block Configuration

Here’s what the complete NGINX configuration should look like when you put everything together:

[[See Video to Reveal this Text or Code Snippet]]

Conclusion

By employing the map directive in your NGINX configuration, you can efficiently validate the HTTP version of incoming requests. This method not only simplifies your conditions but also enhances the readability of your configuration.

Ensure to test your server adequately to confirm that it behaves as expected under varying conditions. Using the above approach, you will enhance your NGINX server's security by correctly handling HTTP version requests effortlessly.

Now you're ready to reject unwanted HTTP versions while keeping your configuration clean and manageable!