Translating apache config to nginx

Francis Daly francis at
Thu Feb 20 20:24:04 UTC 2014

On Thu, Feb 20, 2014 at 05:58:05AM -0800, Grant wrote:

Hi there,

> >> location ~ ^(?!installer)(\.?[^\.]+)$ {
> >>     deny all;
> >> }

> > Alternatively: what request do you make? What response do you expect? And
> > what is the regex above intended to do?
> I actually got these apache deny directives from the roundcube list.

Possibly the roundcube list will be able to explain, in words, what the
intention is.

Then someone may be able to translate those words into an nginx config

> I don't have a more specific idea of what this one is supposed to do
> beyond "securing things".  I'm not very good with regex and I was
> hoping someone here would see the problem.

The problem is that the regex matches requests that you don't want it
to match -- that much is straightforward.

Since this is intended to be a security thing, it's probably better not
to try to guess what the author might have meant.

(It currently *is* secure, sort of -- you can't get at the urls they
intended to block.)

> Does it make sense that
> this would work in apache but not in nginx?

Yes; the two programs have different expectations of their configuration.

In nginx, for example, all user requests will start with "/", so any regex
that requires anything other than "/" as the first character will fail.

In apache, some regexes don't have that requirement.

(Or maybe that's incorrect -- check with an apache person if it matters.)

Francis Daly        francis at

More information about the nginx mailing list