Blocking all URIs except for one directory

Igal @ Lucee.org igal at lucee.org
Tue Apr 25 19:50:24 UTC 2017


Hello,

I want to secure a site using the allow/deny directives so that only 
allowed networks will be able to access it.  There is one "public" 
directory, however, that I want to be accessible for everyone.

nginx serves as a reverse proxy on that site, and requests for URIs that 
end with the suffix ".cfm" are proxied to Tomcat.

So I currently have something like:

location / {
     allow 10.0.0.0/24;
     deny all;
}

location /public/ {
     allow all;    # does that make sense?
}

location ~ \.cfm$ {
     ## proxy settings go here
}

Keep in mind that .cfm scripts are both in /public/ as well as in other 
directories.

How can I achieve that?

Thanks,

Igal Sapir
Lucee Core Developer
Lucee.org <http://lucee.org/>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20170425/b43ffa70/attachment.html>


More information about the nginx mailing list