Hi everyone,
I have a page*:
http://example.com/es/ that I need to expose to the internet for testing. This is an Elasticsearch instance.
I want to restrict some HTTP request methods to help prevent malicious attacks on my Elasticsearch cluster.
I want to:
Disable PUT, DELETE, TRACE requests.
Allow GET requests
Restrict POST requests to
http://example.com/es/_searchHow would I go about achieving the restriction on the POST requests? My current mod_rewrite config is below.
RewriteEngine on
RewriteCond %{THE_REQUEST} !^(POST|GET)\ /.*\ HTTP/1\.1$
RewriteRule .* - [F]
Thanks in advance for any advice.
* - This page is just an example of the URL/URI structure. My app isn't actually hosted at example.com.