Re: How to restrict acces to specific friendly URL by IP in Wordpress site?

2017-05-27 Thread Francis Daly
On Mon, May 22, 2017 at 04:51:47PM -0700, li...@lazygranch.com wrote: Hi there, > If the secret page is on a different subdomain, could it be restricted to one > IP? Yes, a separate server{} block could restrict all access to a single source IP. You would want to make sure separately that

Re: How to restrict acces to specific friendly URL by IP in Wordpress site?

2017-05-22 Thread lists
If the secret page is on a different subdomain, could it be restricted to one IP? ___ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx

Re: How to restrict acces to specific friendly URL by IP in Wordpress site?

2017-05-22 Thread Francis Daly
On Fri, May 19, 2017 at 03:24:43AM -0400, ohmykot wrote: Hi there, in nginx, one request is handled in one location, and only the config in (or inherited into) that location applies. > On the web-site, I have a wordpress page, i.e. domain.com/secret-page/, that > I want to restrict access to

Re: How to restrict acces to specific friendly URL by IP in Wordpress site?

2017-05-19 Thread Aleksandar Lazic
Am Fri, 19 May 2017 03:24:43 -0400 schrieb "ohmykot" : > Hi! > I've got a server with nginx and a wordpress website running on it. what's the output of nginx -V? > On the web-site, I have a wordpress page, i.e. > domain.com/secret-page/, that I want to restrict

Re: How to restrict acces to specific friendly URL by IP in Wordpress site?

2017-05-19 Thread lists
‎Well this is interesting. Since this situation should never happen (I think) in real life, should this code be always implemented? Any downsides?

Re: How to restrict acces to specific friendly URL by IP in Wordpress site?

2017-05-19 Thread Igal @ Lucee.org
On 5/19/2017 4:02 PM, li...@lazygranch.com wrote: https://httpstatuses.com/444 A non-standard status code used to instructnginx to close the connection without sending a response to the client, most commonly used to deny malicious or malformed requests. This status code

Re: How to restrict acces to specific friendly URL by IP in Wordpress site?

2017-05-19 Thread lists
https://httpstatuses.com/444A non-standard status code used to instruct nginx 

Re: How to restrict acces to specific friendly URL by IP in Wordpress site?

2017-05-19 Thread Igal @ Lucee.org
On 5/19/2017 3:44 PM, li...@lazygranch.com wrote: I would return nothing, that is the 444 code. There is no such thing as the "444" code. It is an arbitrary number that was chosen because it is not used by the http specs. You might as well use 456, 499, or anything that is not defined.

Re: How to restrict acces to specific friendly URL by IP in Wordpress site?

2017-05-19 Thread lists
I would return nothing, that is the 444 code. I have scripts that process access.log for 444, then see if they come from locations without eyeballs such as data centers, VPS, etc. The entire IP space then goes in

Re: How to restrict acces to specific friendly URL by IP in Wordpress site?

2017-05-19 Thread lists
Beats me. I thought the 404 is what you get with the deny access. I'm sure my nginx skills are worse than yours. ;-)At one time I had a long list of deny addresses on nginx, but nginx does some processing before

Re: How to restrict acces to specific friendly URL by IP in Wordpress site?

2017-05-19 Thread Igal @ Lucee.org
On 5/19/2017 3:14 PM, Alex Samad wrote: On 20 May 2017 at 08:00, > wrote: My experience with deny in nginx is the url isn't hidden So you don't want to just restrict access but you want to send a 404 not found unless they come from a

Re: How to restrict acces to specific friendly URL by IP in Wordpress site?

2017-05-19 Thread Alex Samad
On 20 May 2017 at 08:00, wrote: > My experience with deny in nginx is the url isn't hidden So you don't want to just restrict access but you want to send a 404 not found unless they come from a specific ip address. I think you should be able to ... but my nginx skills

Re: How to restrict acces to specific friendly URL by IP in Wordpress site?

2017-05-19 Thread lists
‎I've used this for traversal tests, but my experience is the false positive rate is very high. I ended up writing some rules to filter the test.

Re: How to restrict acces to specific friendly URL by IP in Wordpress site?

2017-05-19 Thread lists
‎ My experience with deny in nginx is the url isn't hidden. That is I think a crawler will see the "secret" location. Can you set this up for the 444 code, that is no reply?Rethinking this, I suppose if the

Re: How to restrict acces to specific friendly URL by IP in Wordpress site?

2017-05-19 Thread Igal @ Lucee.org
Hello, On 5/19/2017 12:24 AM, ohmykot wrote: What I tried so far in my website config: [code] location ~* ^/secret-page/ { allow 1.1.1.1; deny all; } [/code] But this didn't work. It returns 404 error when I try to open this page from allowed IP. Looks like it tried to find the real file or

Re: How to restrict acces to specific friendly URL by IP in Wordpress site?

2017-05-19 Thread Alex Samad
wouldn't you use location /secret-page/ { deny all allow 1.1.1.1/32; } a On 19 May 2017 at 17:24, ohmykot wrote: > Hi! > I've got a server with nginx and a wordpress website running on it. > > On the web-site, I have a wordpress page, i.e.

How to restrict acces to specific friendly URL by IP in Wordpress site?

2017-05-19 Thread ohmykot
Hi! I've got a server with nginx and a wordpress website running on it. On the web-site, I have a wordpress page, i.e. domain.com/secret-page/, that I want to restrict access to everybody but 1 specific IP address of my other server. As this page is not a real physical directory, but just a