How to use Nginx to restrict access to everyfiles to 127.0.0.1, except the php files in /
Maxim Dounin
mdounin at mdounin.ru
Thu Nov 13 12:46:42 UTC 2014
Hello!
On Thu, Nov 13, 2014 at 03:33:03AM -0500, carlg wrote:
> Hi,
>
> It works, but i am still able to access the php files inside the restricted
> directories. I tried with :
>
> location /myfolder/(.+)\.php$ {
> deny all;
> }
>
> But this doesn't work!
If you followed what I suggested, you should not be able to access
anything _unless_ it's explicitly allowed. I suspect you've added
something like "location ~ \.php$ { allow all; ...}" - and this is
what causes your problems. Remove it, and start again with
exact match locations, as previously suggested.
> Also, i cannot make this method work nice with our clean url's. We are
> using :
By introducing various rewriting in nginx configuration you make
your life harder. That's your deliberate choice. Igor recently
gave a talk about this, see here:
https://www.youtube.com/watch?v=YWRYbLKsS0I
--
Maxim Dounin
http://nginx.org/
More information about the nginx
mailing list