Access error?

location /administrator/ {

       allow 1.1.1.1;

       allow 2.2.2.2;

       deny all;

I tried to use that configuration. If someone accessing
www.domain.com/administrator/ it’s forbidden.

But if someone accessing www.domain.com/administrator/index.php they can
execute it

Is there somethink I’ve missed?

It’s only looking at the directory but not the files. Notice the .* in
the
following example and the php handling.

Example:

Protect

location ~ /(directory1/| directory2/| directory3).* {

            fastcgi_pass    127.0.0.1:9000;

            fastcgi_index   index.php;

            include         fastcgi_params;

           allow 1.1.1.1;

           allow 2.2.2.2;

           deny all;

}

From: [email protected] [mailto:[email protected]] On Behalf Of
Glen
Lumanau
Sent: Wednesday, April 22, 2009 11:03 PM
To: [email protected]
Subject: access error?

    location /administrator/ {

       allow 1.1.1.1;

       allow 2.2.2.2;

       deny all;

I tried to use that configuration. If someone accessing
www.domain.com/administrator/ it’s forbidden.

But if someone accessing www.domain.com/administrator/index.php they can
execute it

Is there somethink I’ve missed?

Tried this but not works aswell L

From: [email protected] [mailto:[email protected]] On Behalf Of
AMP
Admin
Sent: 23 April 2009 11:33
To: [email protected]
Subject: RE: access error?

It’s only looking at the directory but not the files. Notice the .* in
the
following example and the php handling.

Example:

Protect

location ~ /(directory1/| directory2/| directory3).* {

            fastcgi_pass    127.0.0.1:9000;

            fastcgi_index   index.php;

            include         fastcgi_params;

           allow 1.1.1.1;

           allow 2.2.2.2;

           deny all;

}

From: [email protected] [mailto:[email protected]] On Behalf Of
Glen
Lumanau
Sent: Wednesday, April 22, 2009 11:03 PM
To: re[email protected]
Subject: access error?

    location /administrator/ {

       allow 1.1.1.1;

       allow 2.2.2.2;

       deny all;

I tried to use that configuration. If someone accessing
www.domain.com/administrator/ it’s forbidden.

But if someone accessing www.domain.com/administrator/index.php they can
execute it

Is there somethink I’ve missed?

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs