Hi,
I am doing for location /, in that case how will have to change the below
portion.
location /downloads {
alias /downloads/;
autoindex on;
if ($forbidlisting) {
rewrite /downloads(.*) /noindex_downloads/$1 last;
}
}
location /noindex_downloads/ {
internal;
alias /downloads/;
}
On Fri, May 18, 2018, 11:10 PM Igor A. Ippolitov <iippoli...@nginx.com>
wrote:
> Sathish,
>
> I made a couple of minor mistakes.
>
> Please, try following configuration:
>
>
> map $remote_addr $forbidlisting {
> default 1;
> 1.1.1.1 0;
> }
> location /downloads {
> alias /downloads/;
> autoindex on;
> if ($forbidlisting) {
> rewrite /downloads(.*) /noindex_downloads/$1 last;
> }
> }
> location /noindex_downloads/ {
> internal;
> alias /downloads/;
> }
>
>
> I tried it and it works for me.
>
>
> On 18.05.2018 16:01, Sathish Kumar wrote:
>
> Hi,
>
> Tried this option it throws rewrite error and am not able to download file
> from non whitelisted ip addresses.
>
>
> ERROR:
> rewrite or internal redirection cycle while processing
> "/noindex_downloadsnoindex_downloadsnoindex_downloadsnoindex_downloadsnoindex_downloadsnoindex_downloadsnoindex_downloadsnoindex_downloadsnoindex_downloadsnoindex_downloadsnoindex_downloadsDownloads/abcd/file.zip",
> client: 3.3.3.3, server: abc.com, request: "GET /Downloads/abcd/file.zip
>
>
> On Fri, May 18, 2018, 8:17 PM Igor A. Ippolitov <iippoli...@nginx.com>
> wrote:
>
>> Hello, guys.
>>
>> I think, you can try something like this:
>>
>> location = /downloads/ {
>> root /downloads/;
>> allow 1.1.1.1;
>> autoindex on;
>> }
>> location /downloads/ {
>> root /downloads/;
>> }
>>
>> This will work nicely if you don't need subdirectories.
>> If you need those, you can use a rewrite like:
>>
>> map $remote_addr $forbidlisting {
>> default 1;
>> 1.1.1.1 0;
>> }
>> location /downloads/ {
>> root /downloads/;
>> autoindex on;
>> if ($forbidlisting) {
>> rewrite /downloads(.*) /noindex_downloads$1 last;
>> }
>> }
>> location /noindex_downloads/ {
>> internal;
>> root /downloads/;
>> }
>>
>>
>> On 18.05.2018 14:17, Friscia, Michael wrote:
>>
>> I think you need to change this a little
>>
>>
>>
>> map $remote_addr $allowed {
>> default “off”;
>> 1.1.1.1 “on”;
>> 2.2.2.2 “on:;
>> }
>>
>> and then in in the download location block
>>
>> autoindex $allowed;
>>
>> I use similar logic on different variables and try at all costs to avoid
>> IF statements anywhere in the configs.
>>
>>
>>
>> ___________________________________________
>>
>> Michael Friscia
>>
>> Office of Communications
>>
>> Yale School of Medicine
>>
>> (203) 737-7932 - office
>>
>> (203) 931-5381 - mobile
>>
>> http://web.yale.edu
>>
>>
>>
>> *From: *nginx <nginx-boun...@nginx.org> <nginx-boun...@nginx.org> on
>> behalf of PRAJITH <prajithpalakk...@gmail.com>
>> <prajithpalakk...@gmail.com>
>> *Reply-To: *"nginx@nginx.org" <nginx@nginx.org> <nginx@nginx.org>
>> <nginx@nginx.org>
>> *Date: *Friday, May 18, 2018 at 2:16 AM
>> *To: *"nginx@nginx.org" <nginx@nginx.org> <nginx@nginx.org>
>> <nginx@nginx.org>
>> *Subject: *Re: Nginx Directory Listing - Restrict by IP Address
>>
>>
>>
>> Hi Satish,
>>
>> There are "if" constructs in nginx, please check http://nginx.org/r/if
>> <https://urldefense.proofpoint.com/v2/url?u=http-3A__nginx.org_r_if&d=DwMFaQ&c=cjytLXgP8ixuoHflwc-poQ&r=wvXEDjvtDPcv7AlldT5UvDx32KXBEM6um_lS023SJrs&m=fKmL-eoW-L4wbuOH4Cy1Z_3ZWkTmrmgNPGNe6O6FIV4&s=_hMwYrlV1QXfU7fEvfqx9BnEUgUoadjGtTqav5fo_7M&e=>.
>> if you want to allow multiple IP addresses, it might be better idea to use
>> map. eg:
>>
>> map $remote_addr $allowed {
>> default 0;
>> 1.1.1.1 1;
>> 2.2.2.2 1;
>> }
>>
>> and then in in the download location block
>>
>> if ($allowed = 1) {
>> autoindex on;
>> }
>>
>> Thanks,
>>
>> Prajith
>>
>>
>>
>> On 18 May 2018 at 05:35, Sathish Kumar <satcs...@gmail.com> wrote:
>>
>> Hi Team,
>>
>> We have a requirement to allow directory listing from few servers and
>> disallow from other ip addresses and all IP addresses should be able to
>> download all files inside the directory.
>>
>> Can somebody provide the correct nginx config for the same.
>>
>> location / {
>>
>> root /downloads;
>>
>> autoindex on;
>>
>> allow 1.1.1.1;
>>
>> deny all;
>>
>> }
>>
>> If I use the above config, only on 1.1.1.1 IP address can directory list
>> from this server and can file download but from other IP addresses download
>> shows forbidden, due to IP address restriction
>>
>> Is there a way to overcome this issue, thanks.
>>
>>
>> Thanks & Regards
>> Sathish.V
>>
>>
>> _______________________________________________
>> nginx mailing list
>> nginx@nginx.org
>> http://mailman.nginx.org/mailman/listinfo/nginx
>> <https://urldefense.proofpoint.com/v2/url?u=http-3A__mailman.nginx.org_mailman_listinfo_nginx&d=DwMFaQ&c=cjytLXgP8ixuoHflwc-poQ&r=wvXEDjvtDPcv7AlldT5UvDx32KXBEM6um_lS023SJrs&m=fKmL-eoW-L4wbuOH4Cy1Z_3ZWkTmrmgNPGNe6O6FIV4&s=UVcx123SYSrcJEG8dvDlswatIFjwcvFXOBJR6JO6VVk&e=>
>>
>>
>>
>>
>> _______________________________________________
>> nginx mailing
>> listnginx@nginx.orghttp://mailman.nginx.org/mailman/listinfo/nginx
>>
>>
>> _______________________________________________
>> nginx mailing list
>> nginx@nginx.org
>> http://mailman.nginx.org/mailman/listinfo/nginx
>
>
>
> _______________________________________________
> nginx mailing
> listnginx@nginx.orghttp://mailman.nginx.org/mailman/listinfo/nginx
>
>
> _______________________________________________
> nginx mailing list
> nginx@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
