<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=ISO-8859-1">
</head>
<body bgcolor="#CCCCFF" text="#000000">
Hello,<br>
<br>
I am running Nginx 1.3.0 on CentOS. It serves several domains.<br>
<br>
Yesterday we tried to change the allowed URIs to access one folder
specific to one domain. After the config file change we tried the
"nginx -s reload", without apparent success or errors. After this I
rebooted the server, but the restrictions are still not effective. I
still can access "<a class="moz-txt-link-abbreviated" href="http://www.secret.com/_abc/def/ghi/">www.secret.com/_abc/def/ghi/</a>" contents from
anywhere.<br>
<br>
<b>nginx -V</b> output:<br>
<br>
<font color="#3333ff"><tt>nginx version: nginx/1.3.0</tt><tt><br>
</tt><tt>TLS SNI support enabled</tt><tt><br>
</tt><tt>configure arguments: --prefix=/usr/share
--sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf
--error-log-path=/var/log/nginx/error.log
--http-log-path=/var/log/nginx/access.log
--lock-path=/var/lock/nginx.lock --pid-path=/var/run/nginx.pid
--http-client-body-temp-path=/var/lib/nginx/body
--http-fastcgi-temp-path=/var/lib/nginx/fastcgi
--http-proxy-temp-path=/var/lib/nginx/proxy
--http-scgi-temp-path=/var/lib/nginx/scgi
--http-uwsgi-temp-path=/var/lib/nginx/uwsgi --user=nginx
--group=nginx --with-ipv6 --with-file-aio --with-http_ssl_module
--with-http_realip_module --with-http_sub_module
--with-http_dav_module --with-http_gzip_static_module
--with-http_stub_status_module</tt><br>
</font><br>
<br>
The complete <b>/etc/nginx/nginx.conf</b> file:<br>
<br>
<font color="#3333ff"><tt>worker_processes 1;</tt><tt><br>
</tt><tt>events { worker_connections 1024;}</tt><tt><br>
</tt><tt>http</tt><tt><br>
</tt><tt>{</tt><tt><br>
</tt><tt> include mime.types;</tt><tt><br>
</tt><tt> default_type application/octet-stream;</tt><tt><br>
</tt><tt> sendfile on;</tt><tt><br>
</tt><tt> keepalive_timeout 65;</tt><tt><br>
</tt><tt> gzip on;</tt><tt><br>
</tt><tt> gzip_min_length 1000; # bytes</tt><tt><br>
</tt><tt> gzip_proxied expired no-cache no-store private
auth;</tt><tt><br>
</tt><tt> gzip_types text/plain application/xml
text/css text/javascript application/json text/xml
application/javascript;</tt><tt><br>
</tt><tt> server_tokens off;</tt><tt><br>
</tt><tt> server</tt><tt><br>
</tt><tt> {</tt><tt><br>
</tt><tt> # ?? mainly for domain <a class="moz-txt-link-abbreviated" href="http://www.blabla.com">www.blabla.com</a></tt><tt>,
usefull for others<br>
</tt><tt> location /client/data/up/ { expires 720h;
}</tt><tt><br>
</tt><tt> # all domain</tt><tt>s<br>
</tt><tt> location /css/ { expires 720h;
}</tt><tt><br>
</tt><tt> location /img/ { expires 720h;
}</tt><tt><br>
</tt><tt> location /js/ { expires 720h;
}</tt><tt><br>
</tt><tt> location /lib/ { expires 720h;
}</tt><tt><br>
</tt><tt> location /piwik/ { expires 720h;
}</tt><tt><br>
</tt><tt> }</tt><tt><br>
</tt><tt> server</tt><tt><br>
</tt><tt> {</tt><tt><br>
</tt><tt> server_name <a class="moz-txt-link-abbreviated" href="http://www.secret.com">www.secret.com</a>;</tt><tt><br>
</tt><tt> #location /_abc/def/ { ... }</tt><tt><br>
</tt><tt> location /_abc/def/ghi/</tt><tt><br>
</tt><tt> {</tt><tt><br>
</tt><tt> allow 123.456.654.321;</tt><tt><br>
</tt><tt> deny all;</tt><tt><br>
</tt><tt> }</tt><tt><br>
</tt><tt> }</tt><tt><br>
</tt><tt><br>
</tt><tt> include /etc/nginx/conf.d/*.conf;</tt><tt><br>
</tt><tt>}</tt><tt><br>
</tt><tt>#vim: sw=4: sts=4: ts=8</tt></font><tt><br>
</tt><br>
I quickly read the error logs, didn't see anything meaningful. What
may be wrong?<br>
<br>
<br>
</body>
</html>