<div dir="ltr"><div>You can put it above the other deny location</div><div># Allow "Well-Known URIs" as per RFC 5785</div><div>location ~* ^/.well-known/ {</div><div>allow all;</div><div>}</div><div><br></div><div><br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Tue, Apr 4, 2017 at 2:06 PM, Martin Wolfert <span dir="ltr"><<a href="mailto:martin@martin-wolfert.de" target="_blank">martin@martin-wolfert.de</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hi,<br>
<br>
try this:<br>
<br>
# Allow access to the letsencrypt ACME Challenge<br>
location ~ /\.well-known\/acme-challenge {<br>
allow all;<br>
}<br>
<br>
Best,<br>
Martin<div class="HOEnZb"><div class="h5"><br>
<br>
<br>
Am 04.04.2017 um 10:33 schrieb basti:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Hello,<br>
<br>
at the Moment I use this config<br>
<br>
# Deny access to all .invisible files.<br>
location ~ /\. { deny all; access_log off; log_not_found off; }<br>
<br>
<br>
Now I need access to Let's Encrypt acme-challenge and add this to my<br>
config before deny all .invisible files, now it looks like<br>
<br>
...<br>
# Allow Let's Encrypt acme-challenge<br>
location /.well-known/acme-challenge { allow all; access_log on; }<br>
<br>
# Deny access to all .invisible files.<br>
location ~ /\. { deny all; access_log off; log_not_found off; }<br>
...<br>
<br>
I have reload nginx but I have no access to<br>
<a href="http://example.com/.well-known/acme-challenge" rel="noreferrer" target="_blank">http://example.com/.well-known<wbr>/acme-challenge</a><br>
<br>
Log say "access forbidden by rule."<br>
Is there a way to allow /.well-known/ and deny all other?<br>
<br>
Best Regards,<br>
basti<br>
______________________________<wbr>_________________<br>
nginx mailing list<br>
<a href="mailto:nginx@nginx.org" target="_blank">nginx@nginx.org</a><br>
<a href="http://mailman.nginx.org/mailman/listinfo/nginx" rel="noreferrer" target="_blank">http://mailman.nginx.org/mailm<wbr>an/listinfo/nginx</a><br>
</blockquote>
<br>
______________________________<wbr>_________________<br>
nginx mailing list<br>
<a href="mailto:nginx@nginx.org" target="_blank">nginx@nginx.org</a><br>
<a href="http://mailman.nginx.org/mailman/listinfo/nginx" rel="noreferrer" target="_blank">http://mailman.nginx.org/mailm<wbr>an/listinfo/nginx</a><br>
</div></div></blockquote></div><br><br clear="all"><div><br></div>-- <br><div class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div><b>Anoop P Alias</b> <div><br></div></div></div></div>
</div>