jdiana
February 3, 2013, 4:28am
1
Hey all,
I’m a little stumped about what I’m doing wrong here. Basically I have
a
subdirectory that I want to restrict access to specific IP’s, otherwise
return a 403.
If I do the following (inside my server {} block):
server {
// normal processing code here
…
location ~ ^/my_ws$ {
allow XX.XX.XX.XX;
allow XX.XX.XX.XX/24;
deny all;
}
}
Hitting the following URL works as intended and I get a 403 if I try
from
anywhere other than the specified URL’s: http://www.mydomain.com/my_ws
However, if there’s anything AFTER that (i.e. my_ws/, my_ws/page2,
my_ws?parameter1, etc.) it allows them to proceed regardless of IP.
I’m sure it’s something required before or after the $, but I can’t
figure
it out.
Thanks in advance!
Justin
Posted at Nginx Forum:
Hey all, I'm a little stumped about what I'm doing wrong here. Basically I have a subdirectory that I want to restrict access to specific IP's, otherwise return a 403. If I do the following (inside my server {} block): server { // normal p
jdiana
February 3, 2013, 4:47am
2
On 03/02/13 16:27, jdiana wrote:
...
do you need a $ at all? It’s a placeholder for the end of the string,
and all you care about s the start??
Steve
jdiana
February 3, 2013, 12:53pm
3
On 3 February 2013 03:27, jdiana [email protected] wrote:
[snip]
location ~ ^/my_ws$ {
[snip]
However, if there’s anything AFTER that (i.e. my_ws/, my_ws/page2,
my_ws?parameter1, etc.) it allows them to proceed regardless of IP.
I’m sure it’s something required before or after the $, but I can’t figure
it out.
Your problem is absolutely to do with the “$”, and if you don’t yet
understand regex well enough to fix it, have a read through a simple
intro such as Zytrax Tech Stuff - Regular Expressions - A Gentle User Guide and Tutorial .
BTW that’s a pointer to the exact section you need, but I recommend
you digest at least the first half of that guide - it’s not long or
difficult, and will serve you well in the future.
HTH,
Jonathan
Jonathan M. // Oxford, London, UK
http://www.jpluscplusm.com/contact.html
jdiana
February 3, 2013, 10:53pm
4
Hello!
On Sat, Feb 02, 2013 at 10:27:40PM -0500, jdiana wrote:
...
However, if there’s anything AFTER that (i.e. my_ws/, my_ws/page2,
my_ws?parameter1, etc.) it allows them to proceed regardless of IP.
I’m sure it’s something required before or after the $, but I can’t figure
it out.
You don’t need regular expressions, just use normal prefix
location:
location /my_ws {
allow ...
deny all;
}
See Module ngx_http_core_module for details.
–
Maxim D.