How to "undo" a global server deny all in a location block

addis_a · March 10, 2015, 12:39am

Is it possible to undo a server level deny all; inside a more specific
location block? See the following:

server {
allow 1.2.3.4;
allow 2.3.4.5;
deny all;

location  /  {
    location ~ ^/api/(?<url>.*) {
        # bunch of directives
    }

    location = /actions/foo.php {
        # bunch of directives
    }

    location = /actions/bar.php {
        #bunch of directives
    }

    location = /actions/allow-all.php {
        # this should allow all
        # bunch of directives
    }

   location ~\.php {
       # bunch of directives
   }
}

}

All the location blocks except for /actions/allow-all.php should follow
the
global server allow and deny rules. /actions/allow-all.php should undo
those
rules and just allow all.

Posted at Nginx Forum:

justink101 · March 10, 2015, 1:07am

On Mon, Mar 09, 2015 at 07:38:47PM -0400, justink101 wrote:

Hi there,

Is it possible to undo a server level deny all; inside a more specific
location block?

Yes.

Normal directive inheritance rules apply, but with the note that “allow”
and “deny” are one of a small set of directives which are inherited as
a pair.

So “allow 1.2.3.4;” inside a location means that the entire allow/deny
configuration within that location is just the one entry.

    location = /actions/allow-all.php {
        # this should allow all
        # bunch of directives
    }

Add “allow all;” in there.

f

Francis D. [email protected]