<html>
  <head>

    <meta http-equiv="content-type" content="text/html; charset=ISO-8859-1">
  </head>
  <body bgcolor="#CCCCFF" text="#000000">
    Hello,<br>
    <br>
    I am running Nginx 1.3.0 on CentOS. It serves several domains.<br>
    <br>
    Yesterday we tried to change the allowed URIs to access one folder
    specific to one domain. After the config file change we tried the
    "nginx -s reload", without apparent success or errors. After this I
    rebooted the server, but the restrictions are still not effective. I
    still can access "<a class="moz-txt-link-abbreviated" href="http://www.secret.com/_abc/def/ghi/">www.secret.com/_abc/def/ghi/</a>" contents from
    anywhere.<br>
    <br>
    <b>nginx -V</b> output:<br>
    <br>
    <font color="#3333ff"><tt>nginx version: nginx/1.3.0</tt><tt><br>
      </tt><tt>TLS SNI support enabled</tt><tt><br>
      </tt><tt>configure arguments: --prefix=/usr/share
        --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf
        --error-log-path=/var/log/nginx/error.log
        --http-log-path=/var/log/nginx/access.log
        --lock-path=/var/lock/nginx.lock --pid-path=/var/run/nginx.pid
        --http-client-body-temp-path=/var/lib/nginx/body
        --http-fastcgi-temp-path=/var/lib/nginx/fastcgi
        --http-proxy-temp-path=/var/lib/nginx/proxy
        --http-scgi-temp-path=/var/lib/nginx/scgi
        --http-uwsgi-temp-path=/var/lib/nginx/uwsgi --user=nginx
        --group=nginx --with-ipv6 --with-file-aio --with-http_ssl_module
        --with-http_realip_module --with-http_sub_module
        --with-http_dav_module --with-http_gzip_static_module
        --with-http_stub_status_module</tt><br>
    </font><br>
    <br>
    The complete <b>/etc/nginx/nginx.conf</b> file:<br>
    <br>
    <font color="#3333ff"><tt>worker_processes  1;</tt><tt><br>
      </tt><tt>events { worker_connections  1024;}</tt><tt><br>
      </tt><tt>http</tt><tt><br>
      </tt><tt>{</tt><tt><br>
      </tt><tt>        include       mime.types;</tt><tt><br>
      </tt><tt>        default_type  application/octet-stream;</tt><tt><br>
      </tt><tt>        sendfile        on;</tt><tt><br>
      </tt><tt>        keepalive_timeout  65;</tt><tt><br>
      </tt><tt>        gzip            on;</tt><tt><br>
      </tt><tt>        gzip_min_length 1000; # bytes</tt><tt><br>
      </tt><tt>        gzip_proxied    expired no-cache no-store private
        auth;</tt><tt><br>
      </tt><tt>        gzip_types      text/plain application/xml
        text/css text/javascript application/json text/xml
        application/javascript;</tt><tt><br>
      </tt><tt>        server_tokens off;</tt><tt><br>
      </tt><tt>        server</tt><tt><br>
      </tt><tt>        {</tt><tt><br>
      </tt><tt>                # ?? mainly for domain <a class="moz-txt-link-abbreviated" href="http://www.blabla.com">www.blabla.com</a></tt><tt>,
        usefull for others<br>
      </tt><tt>                location /client/data/up/ { expires 720h;
        }</tt><tt><br>
      </tt><tt>                # all domain</tt><tt>s<br>
      </tt><tt>                location /css/      {    expires  720h; 
        }</tt><tt><br>
      </tt><tt>                location /img/      {    expires  720h; 
        }</tt><tt><br>
      </tt><tt>                location /js/       {    expires  720h; 
        }</tt><tt><br>
      </tt><tt>                location /lib/      {    expires  720h; 
        }</tt><tt><br>
      </tt><tt>                location /piwik/    {    expires  720h; 
        }</tt><tt><br>
      </tt><tt>        }</tt><tt><br>
      </tt><tt>        server</tt><tt><br>
      </tt><tt>        {</tt><tt><br>
      </tt><tt>                server_name <a class="moz-txt-link-abbreviated" href="http://www.secret.com">www.secret.com</a>;</tt><tt><br>
      </tt><tt>                #location /_abc/def/ { ... }</tt><tt><br>
      </tt><tt>                location /_abc/def/ghi/</tt><tt><br>
      </tt><tt>                {</tt><tt><br>
      </tt><tt>                        allow 123.456.654.321;</tt><tt><br>
      </tt><tt>                        deny all;</tt><tt><br>
      </tt><tt>                }</tt><tt><br>
      </tt><tt>        }</tt><tt><br>
      </tt><tt><br>
      </tt><tt>        include /etc/nginx/conf.d/*.conf;</tt><tt><br>
      </tt><tt>}</tt><tt><br>
      </tt><tt>#vim: sw=4: sts=4: ts=8</tt></font><tt><br>
    </tt><br>
    I quickly read the error logs, didn't see anything meaningful. What
    may be wrong?<br>
    <br>
    <br>
  </body>
</html>