Allow /.well-known/acme-challenge but deny dot files

Martin Wolfert martin at martin-wolfert.de
Tue Apr 4 08:36:05 UTC 2017


Hi,

try this:

# Allow access to the letsencrypt ACME Challenge
location ~ /\.well-known\/acme-challenge {
     allow all;
}

Best,
Martin


Am 04.04.2017 um 10:33 schrieb basti:
> Hello,
>
> at the Moment I use this config
>
> # Deny access to all .invisible files.
> location ~ /\. { deny  all; access_log off; log_not_found off; }
>
>
> Now I need access to Let's Encrypt acme-challenge and add this to my
> config before deny all .invisible files, now it looks like
>
> ...
> # Allow Let's Encrypt acme-challenge
> location /.well-known/acme-challenge { allow all; access_log on; }
>
> # Deny access to all .invisible files.
> location ~ /\. { deny  all; access_log off; log_not_found off; }
> ...
>
> I have reload nginx but I have no access to
> http://example.com/.well-known/acme-challenge
>
> Log say "access forbidden by rule."
> Is there a way to allow /.well-known/ and deny all other?
>
> Best Regards,
> basti
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx



More information about the nginx mailing list