6

How to allow specific IP's to a URL (not directory!) in Nginx

view full story
linux-howto

http://serverfault.com – I'm trying to deny access to a specific URL on our site running on Nginx but allow it from specific IP's, I've been trying to fiddle around using Location but it seems that's just trying to find a proper directory and not the URL. This is what I came up with, but just gives back a 404. location /specificurl { root /var/www/site1.com/current; allow 123.123.123.123; deny all; } Thank you (HowTos)

grtyyu's picture
Submitted by grtyyu on 04/28/2012 – Made popular on 04/28/2012

Stories similar to How to allow specific IP's to a URL (not directory!) in Nginx

Deny IP address on AWS ELB 19 weeks 5 days ago

I've, more or less, following configuration on AWS:

Elastic load balancer with 3 machines o 3 different availability zones. My security group allows 0.0.0.0/0:80 as it's my rails application (nginx, unicorn).

I was wondering if there's any way to deny access to my app to an specific public ip address?

I have the following in nginx.conf:

server { listen 80; server_name example.com; root /opt/www; index index.html;

location = / { auth_basic off; allow all; }

location / { auth_basic "Do you even lift?"; auth_basic_user_file htpasswd; autoindex on; }

}

But it's still giving me 401's when I try to curl to the root direct

I would like to serve multiple sites on one instance.

I install nginx, php-fpm, and a rails app.

In my Nginx config I have

location / { allow 198.168.0.1; deny all; }

Now, I want to redirect all other IPs except the allowed one to google.com, how do I do that ?

I have tried something like

location / { allow 198.168.0.1; deny all; rewrite ^ http://google.com/; }

but this redirects directly to google.com for all IP. I want only 198.168.0.1 to access the page, others would be redirected.

I'm wondering if it's possible to match Wordpress directory and specific file in the same location, so at the moment I've got rule to match only the wp-admin directory:

## Restricted Access directory location ^~ /wp-admin/ { auth_basic "Access Denied!"; auth_basic_user_file .users;

location ~ \.php$ { fastcgi_pass unix:/var/run/php-fpm/www.sock; fastcg

I have the following nginx location block:

location ^~ /publish { allow 127.0.0.1;

#Allow home allow 99.100.101.102;

deny all; }

Then this location block to process PHP after:

location ~\.php { try_files $uri =404; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_intercept_errors on; fastcgi_pass 127.0.0.1:9000; include /e

I'm looking for a way to set a parameter in my browser or some sort of token that allows nginx to select the site that is going to serve.

I wish to put the configuration in the nginx sites-enabled folder.

In Apache I have set basic authentication for /protected location. Now i need to bypass authetication for a specific ip address but keep auth for others intact. Can anyone guide me on this one.

nginx with php-fpm on ubuntu 12.04 server.

attempting to access /var/www/test.php (via https://example.net/test.php) downloads the script instead of executing it.

if I place the test.php in a subdirectory, i.e. /var/www/test/test.php it executes.

root.conf;

root /var/www;

include php-fpm.conf;

location ~ /\.