acme-challenge but deny dot files

Anoop Alias Tue, 04 Apr 2017 01:46:33 -0700

You can put it above the other deny location
# Allow "Well-Known URIs" as per RFC 5785
location ~* ^/.well-known/ {
allow all;
}




On Tue, Apr 4, 2017 at 2:06 PM, Martin Wolfert <mar...@martin-wolfert.de>
wrote:

> Hi,
>
> try this:
>
> # Allow access to the letsencrypt ACME Challenge
> location ~ /\.well-known\/acme-challenge {
>     allow all;
> }
>
> Best,
> Martin
>
>
>
> Am 04.04.2017 um 10:33 schrieb basti:
>
>> Hello,
>>
>> at the Moment I use this config
>>
>> # Deny access to all .invisible files.
>> location ~ /\. { deny  all; access_log off; log_not_found off; }
>>
>>
>> Now I need access to Let's Encrypt acme-challenge and add this to my
>> config before deny all .invisible files, now it looks like
>>
>> ...
>> # Allow Let's Encrypt acme-challenge
>> location /.well-known/acme-challenge { allow all; access_log on; }
>>
>> # Deny access to all .invisible files.
>> location ~ /\. { deny  all; access_log off; log_not_found off; }
>> ...
>>
>> I have reload nginx but I have no access to
>> http://example.com/.well-known/acme-challenge
>>
>> Log say "access forbidden by rule."
>> Is there a way to allow /.well-known/ and deny all other?
>>
>> Best Regards,
>> basti
>> _______________________________________________
>> nginx mailing list
>> nginx@nginx.org
>> http://mailman.nginx.org/mailman/listinfo/nginx
>>
>
> _______________________________________________
> nginx mailing list
> nginx@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>



-- 
*Anoop P Alias*

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: Allow /.well-known/acme-challenge but deny dot files

Reply via email to