Forum: NGINX access error?

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
Glen L. (Guest)
on 2009-04-23 08:12
(Received via mailing list)
location /administrator/ {

           allow 1.1.1.1;

           allow 2.2.2.2;

           deny all;



I tried to use that configuration. If someone accessing
www.domain.com/administrator/ it's forbidden.

But if someone accessing www.domain.com/administrator/index.php they can
execute it



Is there somethink I've missed?
AMP Admin (Guest)
on 2009-04-23 08:42
(Received via mailing list)
It's only looking at the directory but not the files.  Notice the .* in
the
following example and the php handling.



Example:

## Protect

location ~ /(directory1/| directory2/| directory3).* {

                fastcgi_pass    127.0.0.1:9000;

                fastcgi_index   index.php;

                include         fastcgi_params;

               allow 1.1.1.1;

               allow 2.2.2.2;

               deny all;

}



From: removed_email_address@domain.invalid 
[mailto:removed_email_address@domain.invalid] On Behalf Of
Glen
Lumanau
Sent: Wednesday, April 22, 2009 11:03 PM
To: removed_email_address@domain.invalid
Subject: access error?



        location /administrator/ {

           allow 1.1.1.1;

           allow 2.2.2.2;

           deny all;



I tried to use that configuration. If someone accessing
www.domain.com/administrator/ it's forbidden.

But if someone accessing www.domain.com/administrator/index.php they can
execute it



Is there somethink I've missed?
Glen L. (Guest)
on 2009-04-27 15:02
(Received via mailing list)
Tried this but not works aswell L



From: removed_email_address@domain.invalid 
[mailto:removed_email_address@domain.invalid] On Behalf Of
AMP
Admin
Sent: 23 April 2009 11:33
To: removed_email_address@domain.invalid
Subject: RE: access error?



It's only looking at the directory but not the files.  Notice the .* in
the
following example and the php handling.



Example:

## Protect

location ~ /(directory1/| directory2/| directory3).* {

                fastcgi_pass    127.0.0.1:9000;

                fastcgi_index   index.php;

                include         fastcgi_params;

               allow 1.1.1.1;

               allow 2.2.2.2;

               deny all;

}



From: removed_email_address@domain.invalid 
[mailto:removed_email_address@domain.invalid] On Behalf Of
Glen
Lumanau
Sent: Wednesday, April 22, 2009 11:03 PM
To: removed_email_address@domain.invalid
Subject: access error?



        location /administrator/ {

           allow 1.1.1.1;

           allow 2.2.2.2;

           deny all;



I tried to use that configuration. If someone accessing
www.domain.com/administrator/ it's forbidden.

But if someone accessing www.domain.com/administrator/index.php they can
execute it



Is there somethink I've missed?
This topic is locked and can not be replied to.