I am trying to setup a rule in nginx where I will deny traffic if a certain url is accessed from outside the specified ip address range. Instead of specifying the url pattern that needs to be protected, I would like to setup a rule that would essentially say the following:
if URL is not a certain url format, apply the deny/allow rules in a permissions.conf file.
Previously I had this (which seems to work):
location ^~ /admin {
include permissions.conf file
}
permissions.conf file
allow 127.0.0.1;
deny all;
I would now like to replace the rule above and specify a rule which only gets hit if the url is not of a certain pattern (so in the case below, if it is not /a/test, then it should apply the permissions.conf file. The format below is not working - any ideas on how to fix it?
location ~ (/a\/(?!test)) {
include permissons.conf
}
I tried this as well:
location ~ (/a/(?!test)) {
include permissons.conf
}
&
location ~* ^(?!/a/test/) {
include permissons.conf
}
thanks in advance
I think you can try this:
location / {
if ($request_uri !~ "^/a/test$")
{
include permissons.conf
}
}
Related
In my location / directive I have added the following if statement to redirect all requests with the .html extension to the non-extension url:
if ($request_uri ~ ^/(.*)\.html) {
return 301 /$1$is_args$args;
}
This works fine, but actual .html files are also being redirected which results in a 404. I want to avoid this by adding an exception for all requests if the the url contains the directory "/static/", but I am not sure how to do that. I tried to add the following if statement before the if statement above:
if ($request_uri ~ /static/) {
}
But I'm not sure what to put in it to stop it from executing the .html if statement. Return $host$request_uri doesn't work, unfortunately.
How would I be able to do this? I cannot use location directives due to limitations of my host. Everything is being done in in the location / directive.
I want to deny access on manifest.json, list.json (or simply *.json) and all sourcemaps *.maps in packs/ folder.
I tried something like:
location ^/packs/.*\.(json|map)$ {
deny all;
return 404;
}
Didn't worked out. I still access those files :(
How can I restrict access to those files in packs/ folder?
You are trying to use regex matching location, those locations declared with a ~ (or ~* if you want case-insensitive matching) sign:
location ~ ^/packs/.*\.(json|map)$ {
deny all;
return 404;
}
So,
I've got a server with around 30 virtual host configurations, each in their own separate file. My main aim at this point is to name the access log based on the $host variable.
At the moment, I'm using the following, inside of my HTTP block to be applied to all conf files:
http {
access_log /var/log/nginx/$host.access.log
}
I'd like to be able to rewrite the above $host without the www., and just keep the domain itself. I've found the following solution for that:
if ($domain ~* www\.(.*)) {
set $domain $1;
rewrite ^(.*)$ http://$domain$1 permanent;
}
Only problem is.. 'IF' Directives are not allowed inside of the 'http' block.. Is there anyway I can achieve this, whilst still being within the 'http' block? Maybe using 'map'?
Thanks in advance,
Tom
You should use a map
http {
map $host $hostw {
default $host;
~*^www\.(.*) $1;
}
access_log /var/log/nginx/$hostw.access.log
}
I have the following url:
mywebsite.com/template/product.html
and I want to rewrite it as
mywebsite.com/product
location / {
alias /var/www/web/;
rewrite ^/(mywebsite.com/template/.*)\.html$ /$1 last;
}
Not sure if you want to handle the domain as a generic variabile.
Anyway, if you setup a server conf for mywebsite.com, this configuration should fit your case.
server {
error_log logs/mywebsite.com.log debug;
server_name mywebsite.com;
root /var/www/web/mywebsite.com;
# this directive handle the redirects from old name.html to new format
location /template/ {
rewrite ^/template/([^.]+)\.html$ /$1 redirect;
}
# given new new url format this directive match the name and
# read the file
location ~* ^/([^.]+)$ {
try_files /template/$1.html /template/notfound.html;
}
}
The regular expression you wrote did not match the product name. Now the group should fit your requirements. I have also modified the rewrite flag last in redirect because I suppose you want redirect a browser or a bot to the new urls.
I am trying to get cache-comtrol to work.
In nginx I have the following:
location /static/ {
alias /home/ubuntu/workspace/mysite;
expires max;
add_header Cache-Control public;
}
in mysite dir I have static. In static I have the dirs for js, css, and images.
In the web browser I get 404 error. Images cant be found. If I remove location /static/ this site works but I have no cache-control.
How do I resolve?
If you use url like: http://your.page.com/static/image.gif then with your rules you get such uri (including alias directive):
/home/ubuntu/workspace/mysiteimage.gif;
So conclusion is that remove last / from location directive (it should be /static) or add at the end to alias directive / (so it will be as alias /home/ubuntu/workspace/mysite/;)
Other solution could be like:
location ~ (static/.*) {
alias /home/ubuntu/workspace/mysite/$1;
# ... rest of code here
}
Then you don't have to add static again in alias directive. You just use it as location param ($1 = static/.*).
Why that way? alias directive (alias doc) work as follow: it trims from requested url part matched in location directive end then, with what will stay, append to it own rule path. In your example from url /static/image.gif/ it will trim /static/ and to your alias path append only image.gif so it will look like I wrote: /home/ubuntu/workspace/mysiteimage.gif/`.