Nginx - Deny folder, except subfolders with regex

Question

I want to deny access to anything in the app directory, except in subfolders with an Assets folder.

For example:

Allow these files /app/bundles/ApiBundle/Assets/css/Thing.js /app/bundles/AssetsBundle/Assets/css/mautic.css

Deny these: ``` /app/bundles/Whatever/Config/config.php /app/bundles/AppCache.php /app/whatever.php

This works fine (https://serverfault.com/a/450378/310646)... if I don't use regex.

For example, this works:

location ^~ /app/bundles/ApiBundle/Assets/ {
    allow all;
}

location ^~ /app/ { 
    deny all; 
}

but this does not:

location ^~ /app/bundles/.+/Assets/ {
    allow all;
}

location ^~ /app/ { 
    deny all; 
}

Any ideas?

score 0 · Answer 1 · answered Sep 10 '15 at 20:45

I figured this out.

location ~ /app/bundles/.*/Assets/ {
    allow all;
    access_log off;
}
location ~ /app/ { deny all; }

BUT... this needs to be above any other location blocks that may have an effect on it (like location ~ \.php$ for example).

Using ^~ is before regex and won't work with regex....

1 Answers1