Thanks for response and support.
Now issue is resolved.
···
From: Rahkonen Jukka <jukka.rahkonen@…6847…>
Sent: 10 January 2024 12:56
To: Kajal Shrawan Katoke <kajal.katoke@…10404…>; geoserver-users@lists.sourceforge.net
Cc: CHANDRADEEP KUMAR <chandradeep.kumar@…10404…>; Madhu <madhu1@…10404…>
Subject: Re: Query regarding WMS service
|
External Message: Please be cautious when opening links or attachments in email
|
Hi,
This is geoserver-users mailing list so you are a part of the team. I did see your mail but I did not quite understand what you were asking so I did not respond. I have never used nginx in front of Geoserver, but if your nginx requires that the URL begins like …/gis/geoserver/gwc/service/tms/1.0.0/, then WMS requests do not work. But I believe that you have tested that already
http://localhost:8080/geoserver/gwc/service/tms/1.0.0?service=WMS&version=1.3.0&request=GetCapabilities
-Jukka Rahkonen-
Lähettäjä: Kajal Shrawan Katoke via Geoserver-users <geoserver-users@lists.sourceforge.net>
Lähetetty: keskiviikko 10. tammikuuta 2024 7.51
Vastaanottaja: geoserver-users@lists.sourceforge.net
Kopio: CHANDRADEEP KUMAR <chandradeep.kumar@…10404…>; Madhu <madhu1@…10404…>
Aihe: Re: [Geoserver-users] Query regarding WMS service
Hi Team,
Gentle Reminder!
Please provide your response for below query.
As a temporary measure against WMS vulnerabilities, we using Nginx on the front end of geoserver to guard against requests other than the following patterns.
^/gis/geoserver/gwc/service/tms/1.0.0/
However, I am concerned about whether I can check all the URL patterns that call the WMS service in the GeoServer documentation to check if it is properly guarded.
(This is because it is described as a calling example in various places in the document, so it is not possible to determine whether all patterns are described.)
Therefore, I would like to confirm whether above nginx configurations prevents calls to the WMS service using URL patterns that we allow.
[Query]
Will this method of protection (nginx configuration shared in previous mail) make the WMS service unavailable?
Thanks & regards,
Kajal
From: Kajal Shrawan Katoke
Sent: 13 December 2023 09:07
To: ‘geoserver-users@lists.sourceforge.net’ <Geoserver-users@lists.sourceforge.net>
Cc: CHANDRADEEP KUMAR <chandradeep.kumar@…10404…>; Madhu <madhu1@…10404…>
Subject: RE: Query regarding WMS service
Hi Team,
We missed some content of our query please find below:
[Query]
Will this method of protection (nginx configuration shared in previous mail) make the WMS service unavailable?
Thanks & regards
Kajal
From: Kajal Shrawan Katoke
Sent: 12 December 2023 11:49
To: ‘geoserver-users@lists.sourceforge.net’ <Geoserver-users@lists.sourceforge.net>
Cc: CHANDRADEEP KUMAR <chandradeep.kumar@…10404…>; Madhu <madhu1@…10404…>
Subject: Query regarding WMS service
Hi Team,
As a temporary measure against WMS vulnerabilities, we using Nginx on the front end of geoserver to guard against requests other than the following patterns.
^/gis/geoserver/gwc/service/tms/1.0.0/
However, I am concerned about whether I can check all the URL patterns that call the WMS service in the GeoServer documentation to check if it is properly guarded.
(This is because it is described as a calling example in various places in the document, so it is not possible to determine whether all patterns are described.)
Therefore, I would like to confirm whether above nginx configurations prevents calls to the WMS service using URL patterns that we allow.
Thanks & regards,
Kajal
The contents of this e-mail and any attachment(s) are confidential and intended for the named recipient(s) only.
It shall not attach any liability on the originator or NEC Corporation India Private Limited or its affiliates.
Any views or opinions presented in this email are solely those of the author and may not necessarily reflect the opinions of NEC Corporation India Private Limited or its affiliates.
Any form of reproduction, dissemination, copying, disclosure, modification, distribution and / or publication of this message without the prior written consent of the author of this e-mail is strictly prohibited.
If you have received this email in error please delete it and notify the sender immediately.