NGINX: Why limiting request methods is not necessary

If you want to harden nginx you might come across this piece of configuration:

if ($request_method !~ ^(GET|HEAD|POST)$ )
{
  return 405;
}

The idea behind this is that nginx checks for any incoming request, if the request method is either GET, HEAD or POST. If the request method is different, nginx will return HTTP status code 405 ("Method is not allowed"). There are other examples which return nginx' non-standard return code 444 ("Connection closed without response") instead. Here is why I think you can omit that piece of configuration and save some CPU cycles...

Read more...