Blocking all URIs except for one directory

Igal @ igal at
Tue Apr 25 19:50:24 UTC 2017


I want to secure a site using the allow/deny directives so that only 
allowed networks will be able to access it.  There is one "public" 
directory, however, that I want to be accessible for everyone.

nginx serves as a reverse proxy on that site, and requests for URIs that 
end with the suffix ".cfm" are proxied to Tomcat.

So I currently have something like:

location / {
     deny all;

location /public/ {
     allow all;    # does that make sense?

location ~ \.cfm$ {
     ## proxy settings go here

Keep in mind that .cfm scripts are both in /public/ as well as in other 

How can I achieve that?


Igal Sapir
Lucee Core Developer <>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the nginx mailing list