Hi,
Sorry I'm fairly new to nginx, and have been asked to put the following rule in for a reverse proxy setup:
>RewriteEngine on
>
>RewriteCond %{REQUEST\_METHOD} \^(TRACE|TRACK)
>
>RewriteRule .\* - \[F\]
What would be the correct/optimal way to do this in an nginx vhost config?
It sounds like that says, if the request method begins with TRACE or TRACK, return http 403 forbidden. If so, use the [limit_except directive](https://nginx.org/en/docs/http/ngx_http_core_module.html#limit_except) to deny everything except the desired request methods. Works sort of the inverse of apache, it defines what is an OK method, instead of defining what’s not an OK method.
You could also use an [if directive](https://nginx.org/en/docs/http/ngx_http_rewrite_module.html#if) to act on a $request_method, eg; `if ($request_method ~* “^(TRACE|TRACK)”) { return 403; }`