Restricting access to specific subdirectories

jdiana nginx-forum at
Sun Feb 3 03:27:40 UTC 2013

Hey all,

I'm a little stumped about what I'm doing wrong here.  Basically I have a
subdirectory that I want to restrict access to specific IP's, otherwise
return a 403.

If I do the following (inside my server {} block):

server {
        // normal processing code here

        location ~ ^/my_ws$ {
                allow   XX.XX.XX.XX;
                allow   XX.XX.XX.XX/24;
                deny   all;

Hitting the following URL works as intended and I get a 403 if I try from
anywhere other than the specified URL's:

However, if there's anything AFTER that (i.e. my_ws/, my_ws/page2,
my_ws?parameter1, etc.) it allows them to proceed regardless of IP.

I'm sure it's something required before or after the $, but I can't figure
it out.

Thanks in advance!


Posted at Nginx Forum:,235864,235864#msg-235864

More information about the nginx mailing list