nginx symfony(4.3.2) location deny
by zomane from LinuxQuestions.org on (#4WGWY)
After I spent hours trying and searching I still cannot figure out how to limit in nginx access to a location which is not a directory or file in the vhost directory tree.
First thing that comes in my mind of course is :
Code: location ~ ^/adminlogin { #tried also without / with ~* and so on still 404
allow 1.2.3.4;
deny all;
}This adminlogin works perfectly fine without restrictions but when I put them in place "all" starting to get 403 which is expected but the allowed IP gets 404.
In logs I see:
without the rule:
Code:- - [13/Dec/2019:10:49:55 +0100] domain.com "domain.com: HEAD /adminlogin HTTP/2.0" 200 0 "-" "curl/7.52.1" "-" 45 0.011with the rule:
Code:2019/12/13 10:50:12 [error] 14589#14589: *22 open() "/srv/domain.com/public/adminlogin" failed (2: No such file or directory), client: 1.2.3.4, server: domain.com, request: "HEAD /adminlogin HTTP/2.0", host: "domain.com"
- - [13/Dec/2019:10:50:12 +0100] domain.com: HEAD /adminlogin HTTP/2.0" 404 0 "-" "curl/7.52.1" "-" 45 0.000The adminlogin thing is not a folder or file in the server root but comes from symfony app running via php-fpm. So "No such file or directory" makes sense here but the question is how to make it work in nginx
I've found this
https://symfony.com/doc/current/secu...s_control.html
so if instruct the devs to add
Code:- { path: '^/adminlogin', roles: IS_AUTHENTICATED_ANONYMOUSLY, ips: [127.0.0.1, ::1, 1.2.3.4] }this will do the job but as I said I want to do it in nginx somehow if possible
thanks.
First thing that comes in my mind of course is :
Code: location ~ ^/adminlogin { #tried also without / with ~* and so on still 404
allow 1.2.3.4;
deny all;
}This adminlogin works perfectly fine without restrictions but when I put them in place "all" starting to get 403 which is expected but the allowed IP gets 404.
In logs I see:
without the rule:
Code:- - [13/Dec/2019:10:49:55 +0100] domain.com "domain.com: HEAD /adminlogin HTTP/2.0" 200 0 "-" "curl/7.52.1" "-" 45 0.011with the rule:
Code:2019/12/13 10:50:12 [error] 14589#14589: *22 open() "/srv/domain.com/public/adminlogin" failed (2: No such file or directory), client: 1.2.3.4, server: domain.com, request: "HEAD /adminlogin HTTP/2.0", host: "domain.com"
- - [13/Dec/2019:10:50:12 +0100] domain.com: HEAD /adminlogin HTTP/2.0" 404 0 "-" "curl/7.52.1" "-" 45 0.000The adminlogin thing is not a folder or file in the server root but comes from symfony app running via php-fpm. So "No such file or directory" makes sense here but the question is how to make it work in nginx
I've found this
https://symfony.com/doc/current/secu...s_control.html
so if instruct the devs to add
Code:- { path: '^/adminlogin', roles: IS_AUTHENTICATED_ANONYMOUSLY, ips: [127.0.0.1, ::1, 1.2.3.4] }this will do the job but as I said I want to do it in nginx somehow if possible
thanks.