Magento NGINX allow IP/deny all for downloader folder Planned maintenance scheduled April...

Is the address of a local variable a constexpr?

What does '1 unit of lemon juice' mean in a grandma's drink recipe?

What do you call a phrase that's not an idiom yet?

Using et al. for a last / senior author rather than for a first author

If Jon Snow became King of the Seven Kingdoms what would his regnal number be?

Is above average number of years spent on PhD considered a red flag in future academia or industry positions?

Why is "Captain Marvel" translated as male in Portugal?

Were Kohanim forbidden from serving in King David's army?

Why aren't air breathing engines used as small first stages

Bonus calculation: Am I making a mountain out of a molehill?

Do I really need recursive chmod to restrict access to a folder?

Why is there no army of Iron-Mans in the MCU?

Problem drawing boxes with arrows in tikZ

How do I stop a creek from eroding my steep embankment?

What are the motives behind Cersei's orders given to Bronn?

Output the ŋarâþ crîþ alphabet song without using (m)any letters

Should I call the interviewer directly, if HR aren't responding?

What is a Meta algorithm?

Antler Helmet: Can it work?

Right-skewed distribution with mean equals to mode?

Sorting numerically

Should I discuss the type of campaign with my players?

If a contract sometimes uses the wrong name, is it still valid?

How to do this path/lattice with tikz



Magento NGINX allow IP/deny all for downloader folder



Planned maintenance scheduled April 17/18, 2019 at 00:00UTC (8:00pm US/Eastern)
Announcing the arrival of Valued Associate #679: Cesar Manara
Unicorn Meta Zoo #1: Why another podcast?Magento Admin Nginx 404Magento 2 how to configure Nginx to allow execute other php files in root folderMagento completely broken: Call to a member function getCode() on boolean & There was no 404 CMS page configured or foundToo many redirects mobile version onlyProducts not found: multi-storeview in subdirectoriesCache Control for magento & Nginx advice500 Internal Server Error nginx/1.12.0 on checkout page after Migration from Apache to NginxNew install on EC2 rewrite issuesNginx auth off whole folderStatic Content 404 with Magento 2 and Nginx





.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ margin-bottom:0;
}







3















I'm having a problem allowing my IP address access to the downloader folder when using nginx to deny all other IP's. Any ideas where I'm going wrong with the below? I've tried with my IPv4 and IPv6 address, neither works and results in a 403 forbidden.
(Domain and IP I've replaced for security)



   server {

    listen   80 default;



    root /var/www/mywebsiteaddress.co.uk/httpdocs;

    server_name mywebsiteaddress.co.uk;



    location / {

        index index.html index.php;

        # First attempt to serve request as file, then

        # as directory, then fall back to displaying a 404.

        try_files $uri $uri/ @handler;

    }



    ## These locations would be hidden by .htaccess normally

    location ^~ /app/                { deny all; }

    location ^~ /includes/           { deny all; }

    location ^~ /lib/                { deny all; }

    location ^~ /media/downloadable/ { deny all; }

    location ^~ /pkginfo/            { deny all; }

    location ^~ /report/config.xml   { deny all; }

    location ^~ /var/                { deny all; }

    location ^~ /downloader/     { allow 123.456.789.0; deny all; }





    location /var/export/ { ## Allow admins only to view export folder

        auth_basic           "Restricted"; ## Message shown in login window

        auth_basic_user_file htpasswd; ## See /etc/nginx/htpassword

        autoindex            on;

    }



    location  /. { ## Disable .htaccess and other hidden files

        return 404;

    }



    location @handler { ## Magento uses a common front handler

        rewrite / /index.php;

    }



    location ~ .php/ { ## Forward paths like /js/index.php/x.js to relevant handler

        rewrite ^(.*.php)/ $1 last;

    }



    location ~ .php$ {

        if (!-e $request_filename) { rewrite / /index.php last; } ## Catch 404s that try_files miss



        expires        off; ## Do not cache dynamic content

        fastcgi_pass   unix:/var/run/php5-fpm.sock;

        fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;

        fastcgi_param  MAGE_RUN_CODE default; ## Store code is defined in administration > Configuration > Manage Stores

        fastcgi_param  MAGE_RUN_TYPE store;

        include fastcgi_params;

    }

}





magento-1.9 nginx







share|improve this question














bumped to the homepage by Community 14 mins ago


This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
















  • do you see your ip address in access log?

    – MagenX
    May 3 '16 at 15:25


















3















I'm having a problem allowing my IP address access to the downloader folder when using nginx to deny all other IP's. Any ideas where I'm going wrong with the below? I've tried with my IPv4 and IPv6 address, neither works and results in a 403 forbidden.
(Domain and IP I've replaced for security)



   server {

    listen   80 default;



    root /var/www/mywebsiteaddress.co.uk/httpdocs;

    server_name mywebsiteaddress.co.uk;



    location / {

        index index.html index.php;

        # First attempt to serve request as file, then

        # as directory, then fall back to displaying a 404.

        try_files $uri $uri/ @handler;

    }



    ## These locations would be hidden by .htaccess normally

    location ^~ /app/                { deny all; }

    location ^~ /includes/           { deny all; }

    location ^~ /lib/                { deny all; }

    location ^~ /media/downloadable/ { deny all; }

    location ^~ /pkginfo/            { deny all; }

    location ^~ /report/config.xml   { deny all; }

    location ^~ /var/                { deny all; }

    location ^~ /downloader/     { allow 123.456.789.0; deny all; }





    location /var/export/ { ## Allow admins only to view export folder

        auth_basic           "Restricted"; ## Message shown in login window

        auth_basic_user_file htpasswd; ## See /etc/nginx/htpassword

        autoindex            on;

    }



    location  /. { ## Disable .htaccess and other hidden files

        return 404;

    }



    location @handler { ## Magento uses a common front handler

        rewrite / /index.php;

    }



    location ~ .php/ { ## Forward paths like /js/index.php/x.js to relevant handler

        rewrite ^(.*.php)/ $1 last;

    }



    location ~ .php$ {

        if (!-e $request_filename) { rewrite / /index.php last; } ## Catch 404s that try_files miss



        expires        off; ## Do not cache dynamic content

        fastcgi_pass   unix:/var/run/php5-fpm.sock;

        fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;

        fastcgi_param  MAGE_RUN_CODE default; ## Store code is defined in administration > Configuration > Manage Stores

        fastcgi_param  MAGE_RUN_TYPE store;

        include fastcgi_params;

    }

}





magento-1.9 nginx







share|improve this question














bumped to the homepage by Community 14 mins ago


This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
















  • do you see your ip address in access log?

    – MagenX
    May 3 '16 at 15:25














3












3








3








I'm having a problem allowing my IP address access to the downloader folder when using nginx to deny all other IP's. Any ideas where I'm going wrong with the below? I've tried with my IPv4 and IPv6 address, neither works and results in a 403 forbidden.
(Domain and IP I've replaced for security)



   server {

    listen   80 default;



    root /var/www/mywebsiteaddress.co.uk/httpdocs;

    server_name mywebsiteaddress.co.uk;



    location / {

        index index.html index.php;

        # First attempt to serve request as file, then

        # as directory, then fall back to displaying a 404.

        try_files $uri $uri/ @handler;

    }



    ## These locations would be hidden by .htaccess normally

    location ^~ /app/                { deny all; }

    location ^~ /includes/           { deny all; }

    location ^~ /lib/                { deny all; }

    location ^~ /media/downloadable/ { deny all; }

    location ^~ /pkginfo/            { deny all; }

    location ^~ /report/config.xml   { deny all; }

    location ^~ /var/                { deny all; }

    location ^~ /downloader/     { allow 123.456.789.0; deny all; }





    location /var/export/ { ## Allow admins only to view export folder

        auth_basic           "Restricted"; ## Message shown in login window

        auth_basic_user_file htpasswd; ## See /etc/nginx/htpassword

        autoindex            on;

    }



    location  /. { ## Disable .htaccess and other hidden files

        return 404;

    }



    location @handler { ## Magento uses a common front handler

        rewrite / /index.php;

    }



    location ~ .php/ { ## Forward paths like /js/index.php/x.js to relevant handler

        rewrite ^(.*.php)/ $1 last;

    }



    location ~ .php$ {

        if (!-e $request_filename) { rewrite / /index.php last; } ## Catch 404s that try_files miss



        expires        off; ## Do not cache dynamic content

        fastcgi_pass   unix:/var/run/php5-fpm.sock;

        fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;

        fastcgi_param  MAGE_RUN_CODE default; ## Store code is defined in administration > Configuration > Manage Stores

        fastcgi_param  MAGE_RUN_TYPE store;

        include fastcgi_params;

    }

}





magento-1.9 nginx







share|improve this question














I'm having a problem allowing my IP address access to the downloader folder when using nginx to deny all other IP's. Any ideas where I'm going wrong with the below? I've tried with my IPv4 and IPv6 address, neither works and results in a 403 forbidden.
(Domain and IP I've replaced for security)



   server {

    listen   80 default;



    root /var/www/mywebsiteaddress.co.uk/httpdocs;

    server_name mywebsiteaddress.co.uk;



    location / {

        index index.html index.php;

        # First attempt to serve request as file, then

        # as directory, then fall back to displaying a 404.

        try_files $uri $uri/ @handler;

    }



    ## These locations would be hidden by .htaccess normally

    location ^~ /app/                { deny all; }

    location ^~ /includes/           { deny all; }

    location ^~ /lib/                { deny all; }

    location ^~ /media/downloadable/ { deny all; }

    location ^~ /pkginfo/            { deny all; }

    location ^~ /report/config.xml   { deny all; }

    location ^~ /var/                { deny all; }

    location ^~ /downloader/     { allow 123.456.789.0; deny all; }





    location /var/export/ { ## Allow admins only to view export folder

        auth_basic           "Restricted"; ## Message shown in login window

        auth_basic_user_file htpasswd; ## See /etc/nginx/htpassword

        autoindex            on;

    }



    location  /. { ## Disable .htaccess and other hidden files

        return 404;

    }



    location @handler { ## Magento uses a common front handler

        rewrite / /index.php;

    }



    location ~ .php/ { ## Forward paths like /js/index.php/x.js to relevant handler

        rewrite ^(.*.php)/ $1 last;

    }



    location ~ .php$ {

        if (!-e $request_filename) { rewrite / /index.php last; } ## Catch 404s that try_files miss



        expires        off; ## Do not cache dynamic content

        fastcgi_pass   unix:/var/run/php5-fpm.sock;

        fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;

        fastcgi_param  MAGE_RUN_CODE default; ## Store code is defined in administration > Configuration > Manage Stores

        fastcgi_param  MAGE_RUN_TYPE store;

        include fastcgi_params;

    }

}





magento-1.9 nginx




magento-1.9 nginx






share|improve this question













share|improve this question











share|improve this question




share|improve this question










asked Apr 28 '16 at 15:48









ChrisChris

509




509





bumped to the homepage by Community 14 mins ago


This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.







bumped to the homepage by Community 14 mins ago


This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.















  • do you see your ip address in access log?

    – MagenX
    May 3 '16 at 15:25



















  • do you see your ip address in access log?

    – MagenX
    May 3 '16 at 15:25

















do you see your ip address in access log?

– MagenX
May 3 '16 at 15:25





do you see your ip address in access log?

– MagenX
May 3 '16 at 15:25










1 Answer
1






active

oldest

votes


















0














I know this i an old post, but we block access to magmi like this:



   location ~* ^/(index.php/)?magmi {



     include includes/admin-ips;



     deny all;


With admin-ips being a text file with a list of ipaddress eg:



allow **.***.**.**/32;





share|improve this answer
























    Your Answer








    StackExchange.ready(function() {
    var channelOptions = {
    tags: "".split(" "),
    id: "479"
    };
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function() {
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled) {
    StackExchange.using("snippets", function() {
    createEditor();
    });
    }
    else {
    createEditor();
    }
    });

    function createEditor() {
    StackExchange.prepareEditor({
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: false,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: null,
    bindNavPrevention: true,
    postfix: "",
    imageUploader: {
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    },
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    });


    }
    });














    draft saved

    draft discarded


















    StackExchange.ready(
    function () {
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fmagento.stackexchange.com%2fquestions%2f113163%2fmagento-nginx-allow-ip-deny-all-for-downloader-folder%23new-answer', 'question_page');
    }
    );

    Post as a guest















    Required, but never shown

























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    0














    I know this i an old post, but we block access to magmi like this:



       location ~* ^/(index.php/)?magmi {
    

    
     include includes/admin-ips;
    

    
     deny all;


    With admin-ips being a text file with a list of ipaddress eg:



    allow **.***.**.**/32;





    share|improve this answer




























      0














      I know this i an old post, but we block access to magmi like this:



         location ~* ^/(index.php/)?magmi {
      

      
     include includes/admin-ips;
      

      
     deny all;


      With admin-ips being a text file with a list of ipaddress eg:



      allow **.***.**.**/32;





      share|improve this answer


























        0












        0








        0







        I know this i an old post, but we block access to magmi like this:



           location ~* ^/(index.php/)?magmi {
        

        
     include includes/admin-ips;
        

        
     deny all;


        With admin-ips being a text file with a list of ipaddress eg:



        allow **.***.**.**/32;





        share|improve this answer













        I know this i an old post, but we block access to magmi like this:



           location ~* ^/(index.php/)?magmi {
        

        
     include includes/admin-ips;
        

        
     deny all;


        With admin-ips being a text file with a list of ipaddress eg:



        allow **.***.**.**/32;






        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered Mar 8 '17 at 16:20









        PaddyDPaddyD

        104114




        104114






























            draft saved

            draft discarded




















































            Thanks for contributing an answer to Magento Stack Exchange!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fmagento.stackexchange.com%2fquestions%2f113163%2fmagento-nginx-allow-ip-deny-all-for-downloader-folder%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            -

            Popular posts from this blog

            “%fieldName is a required field.”, in Magento2 REST API Call for GET Method Type The Next...

            Image
            How seriously should I take size and weight limits of hand luggage? Can a virus destroy the BIOS of a modern computer? Can I hook these wires up to find the connection to a dead outlet? How to keep a dark protagonist who wants to keep his humanity dark? How does a dynamic QR code work? My singleton can be called multiple times How to detect integer overflow in C? Can a PhD from a non-TU9 German university become a professor in a TU9 university? How to travel Japan while expressing milk? Is it a bad idea to plug the other end of ESD strap to wall ground? How to show a landlord what we have in s
            Read more

            How to change City field to a dropdown in Checkout step Magento 2Magento 2 : How to change UI field(s)...

            Image
            Does the US political system, in principle, allow for a no-party system? Is it a Cyclops number? "Nobody" knows! Understanding a proof about a set being closed Rationale to prefer local variables over instance variables? Movie: boy escapes the real world and goes to a fantasy world with big furry trolls Why aren't there more Gauls like Obelix? I reported the illegal activity of my boss to his boss. My boss found out. Now I am being punished. What should I do? Solving Linear Matrix Recurrences What is the generally accepted pronunciation of “topoi”? Is it safe to abruplty remove arduino power
            Read more

            夢乃愛華...

            Image
            1995年出生在世人物日本AV女優S1女優埼玉縣出身人物 日本AV女優S1TeStar千葉縣松戶市立旭町中學校松戶市立松戶高等學校淑德大學S1 body.skin-minerva .mw-parser-output table.infobox caption{text-align:center} ゆめの あいか 夢乃 あいか AV女优 别名 安藤琴乃(本名) [1] 民族 大和族 出生 ( 1995-09-18 ) 1995年9月18日 ( 23歲) 出道地点   日本宮城縣 → 千葉縣 → 埼玉縣 活跃年代 2013年 - 血型 B型 体形(2013年 [2] 数值) 身高/体重 149 厘米 / ― 公斤 三围 79 - 52 - 78 cm 罩杯 G 体形备注 巨乳 计量单位换算 身高/体重 4英尺11英寸 / ― 磅 三围 31 - 20 - 31 英寸 活动 拍摄类型 AV 模特儿类型 水着 其他职业 鯛魚燒店員(求學時期) [1] 業餘攝影會模特兒(求學時期) [3] 教学:Template:AV女优/doc 夢乃愛華 (日语: 夢乃 あいか / ゆめの あいか   Yumeno Aika ,1995年9月18日 - [1] )是日本AV女優,现为S1专属女优,所屬經紀公司為TeStar。 目录 1 簡歷 2 演出作品 2.1 成人影片 2.2 形象影片 2.3 綜藝節目 2.4 網上節目 3 其他產品 3.1 雜誌 3.2 寫真集 3.3 網上寫真 4 相關條目 5 參考資料 6 外部連結 簡歷 夢乃愛華出身於宮城縣,有一位姊姊 [3] ,後與家人移居千葉縣,曾就讀當地的松戶市立旭町中學校及松戶市立松戶高等學校 [1] 。她中學一年級時身高已停止增長,而高中初期胸部罩杯亦只有 B,但隨著「初體驗」和均衡飲食帶來的生理影響,三年級畢業那刻罩杯則升至 F [3] 。
            Read more