Nginx: protect directory and files

Question

I wrote this to prevent the directory "download" to be accessed but from the IP 1.2.3.4.

location ~ /folder/download {
    allow 1.2.3.4;
    deny all;
    return 403;
}

However, the directory "folder" is being blocked as well and I did not wanted this.

What am I doing wrong?

UPDATE:

Here it goes all the real config:

server {
    server_name www.domain.com;
    rewrite ^ $scheme://domain.com$request_uri? permanent;
}

server {
    server_name atpc.info;

    access_log /var/log/nginx/atpc.info.access;
    error_log /var/log/nginx/atpc.info.error;

    root /var/www/atpc.info;

    location ^~ folder/download {
            allow 1.2.3.4;
            deny all;
    }

    location ^~ folder/includes {
            allow 1.2.3.4;
            deny all;
    }

    location ^~ folder/mythings {
            allow 1.2.3.4;
            deny all;
    }

    location ^~ folder/functions {
            allow 1.2.3.4;
            deny all;
    }

    location / { index index.htm index.php; }

    location ~ .php$ {
            fastcgi_pass 127.0.0.1:9000;
            fastcgi_index index.php;
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            include /etc/nginx/fastcgi_params;
    }

    location = /favicon.ico {
            return 204;
            access_log off;
            log_not_found off;
    }

    location = /robots.txt { allow all; log_not_found off; access_log off; }
    location ~ /\. { deny all; access_log off; log_not_found off; }
}

Thanks.

Answer 1

You probably want location ^~ instead of location ~, as the former is a prefix match that doesn't allow regex overrides, and the latter is a regex location. Also, remove the return 403; The allow and deny directives are sufficient for your application, and the return will always be evaluated, which means everyone will get a 403.