Allow /.well-known/acme-challenge but deny dot files

basti mailinglist at unix-solution.de
Tue Apr 4 08:33:13 UTC 2017


Hello,

at the Moment I use this config

# Deny access to all .invisible files.
location ~ /\. { deny  all; access_log off; log_not_found off; }


Now I need access to Let's Encrypt acme-challenge and add this to my
config before deny all .invisible files, now it looks like

...
# Allow Let's Encrypt acme-challenge
location /.well-known/acme-challenge { allow all; access_log on; }

# Deny access to all .invisible files.
location ~ /\. { deny  all; access_log off; log_not_found off; }
...

I have reload nginx but I have no access to
http://example.com/.well-known/acme-challenge

Log say "access forbidden by rule."
Is there a way to allow /.well-known/ and deny all other?

Best Regards,
basti


More information about the nginx mailing list