Allow/Deny rules in Location block

sandeep dubey sandeep.sanash at gmail.com
Mon Jan 23 09:34:41 UTC 2023


Hello,

I am trying to restrict some Location block in my Nginx configuration to
specific IPs. Below are the changes I made -

Version: nginx:1.21.0

location / {
>             proxy_pass http://127.0.0.1:8080;
>         }
>
  location = /auth {
>             proxy_pass http://127.0.0.1:8080;
>             allow 1.2.3.4/8;
>             allow 5.6.7.8/16;
>             allow my.vpn.ip.here;
>             allow my.public.ip.here;
>             deny all;
>             error_page 403 /usr/share/nginx/html/403.html;
>             auth_basic "Administrator’s area";
>             auth_basic_user_file /etc/nginx/.htpasswd;
>         }
>

Here, the deny rule is not working. Users are still able to access the page
publicly. Am I missing something?

-- 
Regards,
Sandeep
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20230123/98dbc8d7/attachment.htm>


More information about the nginx mailing list