oh, dumb me... i didn't knew you can setup access at server level<br><br>Anyway, the problem still persists if i want to deny access just to <a href="http://sub.domain.tld/myadmin">http://sub.domain.tld/myadmin</a> using this
<br><br> location /myadmin {<br> allow <a href="http://192.168.2.2">192.168.2.2</a>;<br> deny all;<br> }<br><br>Ill try to explain again... with that config if a user let's say from
<a href="http://192.168.2.3">192.168.2.3</a> is trying to see <a href="http://sub.domain.tld/myadmin">http://sub.domain.tld/myadmin</a> he gets access denied which is OK... but if he tries <a href="http://sub.domain.tld/myadmin/index.php">
http://sub.domain.tld/myadmin/index.php</a> he can see the site with no problem<br><br>(the problem with <a href="http://sub.domain.tld/">http://sub.domain.tld/</a> not working and <a href="http://sub.domain.tld/index.php">
http://sub.domain.tld/index.php</a> working was apparently from Firefox, fixed after cleared the cache, weird tho')<br><br>i hope that was more clear :)<br><br><br><br><div><span class="gmail_quote">On 2/20/07, <b class="gmail_sendername">
Igor Sysoev</b> <<a href="mailto:is@rambler-co.ru">is@rambler-co.ru</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
On Tue, Feb 20, 2007 at 02:39:19PM +0200, Anonymous Coward wrote:<br><br>> im trying to deny access to everything that it's a dir/vhost using the<br>> following config<br>><br>> server {<br>> listen
<a href="http://192.168.2.1">192.168.2.1</a>;<br>> server_name mysub.domain.tld;<br>><br>> access_log /var/log/nginx/localhost.access_log main;<br>> error_log /var/log/nginx/localhost.error_log;
<br>><br>> root /var/www/localhost/htdocs/mysub.domain.tld;<br>> location / {<br>> allow <a href="http://192.168.2.2">192.168.2.2</a>;<br>> deny all;<br>> }
<br>> location /nginx_status {<br>> stub_status on;<br>> access_log off;<br>> allow <a href="http://127.0.0.1">127.0.0.1</a>;<br>> deny all;
<br>> }<br>> location ~ .php$ {<br>> include /etc/nginx/fastcgi_params;<br>> fastcgi_pass <a href="http://127.0.0.1:1105">127.0.0.1:1105</a>;<br>> fastcgi_index
index.php;<br>><br>> # where the php files to pass to the listener.<br>> fastcgi_param SCRIPT_FILENAME<br>> /var/www/localhost/htdocs/mysub.domain.tld$fastcgi_script_name;<br>> }
<br>> }<br>><br>><br>> Now there are 2 problems<br>> - it only denies access to <a href="http://mysub.domain.tld/">http://mysub.domain.tld/</a> if i connect from<br>> another host<br>> - if i connect from the right host when i try to access
<br>> <a href="http://mysub.domain.tld/">http://mysub.domain.tld/</a> it wants me to download or open a file... if i try<br>> <a href="http://mysub.domain.tld/index.php">http://mysub.domain.tld/index.php</a> it works ok... same with
<br>> <a href="http://mysub.domain.tld/myadmin">http://mysub.domain.tld/myadmin</a> for example still wants me to download/open<br>> file but works with <a href="http://mysub.domain.tld/myadmin/index.php">http://mysub.domain.tld/myadmin/index.php
</a><br>><br>> i tried with location ~ .* also but i get the same result except that it<br>> correctly denies access to everything apparently... but i still can't see<br>> the site from an allowed ip<br>>
<br>> What im doing wrong?<br>><br>> location ~ .*<br><br>I can not understand the described situation, but if you want to deny<br>access to the whole site from anywhere except <a href="http://192.168.2.2">192.168.2.2
</a>, then you should<br>set up access/deny rules at server level, and they will be inherited<br>to all locations.<br><br><br>--<br>Igor Sysoev<br><a href="http://sysoev.ru/en/">http://sysoev.ru/en/</a><br><br></blockquote>
</div><br>