Magento NGINX allow IP/deny all for downloader folder Planned maintenance scheduled April...

Is the address of a local variable a constexpr?

What does '1 unit of lemon juice' mean in a grandma's drink recipe?

What do you call a phrase that's not an idiom yet?

Using et al. for a last / senior author rather than for a first author

If Jon Snow became King of the Seven Kingdoms what would his regnal number be?

Is above average number of years spent on PhD considered a red flag in future academia or industry positions?

Why is "Captain Marvel" translated as male in Portugal?

Were Kohanim forbidden from serving in King David's army?

Why aren't air breathing engines used as small first stages

Bonus calculation: Am I making a mountain out of a molehill?

Do I really need recursive chmod to restrict access to a folder?

Why is there no army of Iron-Mans in the MCU?

Problem drawing boxes with arrows in tikZ

How do I stop a creek from eroding my steep embankment?

What are the motives behind Cersei's orders given to Bronn?

Output the ŋarâþ crîþ alphabet song without using (m)any letters

Should I call the interviewer directly, if HR aren't responding?

What is a Meta algorithm?

Antler Helmet: Can it work?

Right-skewed distribution with mean equals to mode?

Sorting numerically

Should I discuss the type of campaign with my players?

If a contract sometimes uses the wrong name, is it still valid?

How to do this path/lattice with tikz



Magento NGINX allow IP/deny all for downloader folder



Planned maintenance scheduled April 17/18, 2019 at 00:00UTC (8:00pm US/Eastern)
Announcing the arrival of Valued Associate #679: Cesar Manara
Unicorn Meta Zoo #1: Why another podcast?Magento Admin Nginx 404Magento 2 how to configure Nginx to allow execute other php files in root folderMagento completely broken: Call to a member function getCode() on boolean & There was no 404 CMS page configured or foundToo many redirects mobile version onlyProducts not found: multi-storeview in subdirectoriesCache Control for magento & Nginx advice500 Internal Server Error nginx/1.12.0 on checkout page after Migration from Apache to NginxNew install on EC2 rewrite issuesNginx auth off whole folderStatic Content 404 with Magento 2 and Nginx





.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ margin-bottom:0;
}







3















I'm having a problem allowing my IP address access to the downloader folder when using nginx to deny all other IP's. Any ideas where I'm going wrong with the below? I've tried with my IPv4 and IPv6 address, neither works and results in a 403 forbidden.
(Domain and IP I've replaced for security)



   server {
listen 80 default;

root /var/www/mywebsiteaddress.co.uk/httpdocs;
server_name mywebsiteaddress.co.uk;

location / {
index index.html index.php;
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ @handler;
}

## These locations would be hidden by .htaccess normally
location ^~ /app/ { deny all; }
location ^~ /includes/ { deny all; }
location ^~ /lib/ { deny all; }
location ^~ /media/downloadable/ { deny all; }
location ^~ /pkginfo/ { deny all; }
location ^~ /report/config.xml { deny all; }
location ^~ /var/ { deny all; }
location ^~ /downloader/ { allow 123.456.789.0; deny all; }


location /var/export/ { ## Allow admins only to view export folder
auth_basic "Restricted"; ## Message shown in login window
auth_basic_user_file htpasswd; ## See /etc/nginx/htpassword
autoindex on;
}

location /. { ## Disable .htaccess and other hidden files
return 404;
}

location @handler { ## Magento uses a common front handler
rewrite / /index.php;
}

location ~ .php/ { ## Forward paths like /js/index.php/x.js to relevant handler
rewrite ^(.*.php)/ $1 last;
}

location ~ .php$ {
if (!-e $request_filename) { rewrite / /index.php last; } ## Catch 404s that try_files miss

expires off; ## Do not cache dynamic content
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param MAGE_RUN_CODE default; ## Store code is defined in administration > Configuration > Manage Stores
fastcgi_param MAGE_RUN_TYPE store;
include fastcgi_params;
}
}









share|improve this question














bumped to the homepage by Community 14 mins ago


This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
















  • do you see your ip address in access log?

    – MagenX
    May 3 '16 at 15:25


















3















I'm having a problem allowing my IP address access to the downloader folder when using nginx to deny all other IP's. Any ideas where I'm going wrong with the below? I've tried with my IPv4 and IPv6 address, neither works and results in a 403 forbidden.
(Domain and IP I've replaced for security)



   server {
listen 80 default;

root /var/www/mywebsiteaddress.co.uk/httpdocs;
server_name mywebsiteaddress.co.uk;

location / {
index index.html index.php;
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ @handler;
}

## These locations would be hidden by .htaccess normally
location ^~ /app/ { deny all; }
location ^~ /includes/ { deny all; }
location ^~ /lib/ { deny all; }
location ^~ /media/downloadable/ { deny all; }
location ^~ /pkginfo/ { deny all; }
location ^~ /report/config.xml { deny all; }
location ^~ /var/ { deny all; }
location ^~ /downloader/ { allow 123.456.789.0; deny all; }


location /var/export/ { ## Allow admins only to view export folder
auth_basic "Restricted"; ## Message shown in login window
auth_basic_user_file htpasswd; ## See /etc/nginx/htpassword
autoindex on;
}

location /. { ## Disable .htaccess and other hidden files
return 404;
}

location @handler { ## Magento uses a common front handler
rewrite / /index.php;
}

location ~ .php/ { ## Forward paths like /js/index.php/x.js to relevant handler
rewrite ^(.*.php)/ $1 last;
}

location ~ .php$ {
if (!-e $request_filename) { rewrite / /index.php last; } ## Catch 404s that try_files miss

expires off; ## Do not cache dynamic content
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param MAGE_RUN_CODE default; ## Store code is defined in administration > Configuration > Manage Stores
fastcgi_param MAGE_RUN_TYPE store;
include fastcgi_params;
}
}









share|improve this question














bumped to the homepage by Community 14 mins ago


This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
















  • do you see your ip address in access log?

    – MagenX
    May 3 '16 at 15:25














3












3








3








I'm having a problem allowing my IP address access to the downloader folder when using nginx to deny all other IP's. Any ideas where I'm going wrong with the below? I've tried with my IPv4 and IPv6 address, neither works and results in a 403 forbidden.
(Domain and IP I've replaced for security)



   server {
listen 80 default;

root /var/www/mywebsiteaddress.co.uk/httpdocs;
server_name mywebsiteaddress.co.uk;

location / {
index index.html index.php;
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ @handler;
}

## These locations would be hidden by .htaccess normally
location ^~ /app/ { deny all; }
location ^~ /includes/ { deny all; }
location ^~ /lib/ { deny all; }
location ^~ /media/downloadable/ { deny all; }
location ^~ /pkginfo/ { deny all; }
location ^~ /report/config.xml { deny all; }
location ^~ /var/ { deny all; }
location ^~ /downloader/ { allow 123.456.789.0; deny all; }


location /var/export/ { ## Allow admins only to view export folder
auth_basic "Restricted"; ## Message shown in login window
auth_basic_user_file htpasswd; ## See /etc/nginx/htpassword
autoindex on;
}

location /. { ## Disable .htaccess and other hidden files
return 404;
}

location @handler { ## Magento uses a common front handler
rewrite / /index.php;
}

location ~ .php/ { ## Forward paths like /js/index.php/x.js to relevant handler
rewrite ^(.*.php)/ $1 last;
}

location ~ .php$ {
if (!-e $request_filename) { rewrite / /index.php last; } ## Catch 404s that try_files miss

expires off; ## Do not cache dynamic content
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param MAGE_RUN_CODE default; ## Store code is defined in administration > Configuration > Manage Stores
fastcgi_param MAGE_RUN_TYPE store;
include fastcgi_params;
}
}









share|improve this question














I'm having a problem allowing my IP address access to the downloader folder when using nginx to deny all other IP's. Any ideas where I'm going wrong with the below? I've tried with my IPv4 and IPv6 address, neither works and results in a 403 forbidden.
(Domain and IP I've replaced for security)



   server {
listen 80 default;

root /var/www/mywebsiteaddress.co.uk/httpdocs;
server_name mywebsiteaddress.co.uk;

location / {
index index.html index.php;
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ @handler;
}

## These locations would be hidden by .htaccess normally
location ^~ /app/ { deny all; }
location ^~ /includes/ { deny all; }
location ^~ /lib/ { deny all; }
location ^~ /media/downloadable/ { deny all; }
location ^~ /pkginfo/ { deny all; }
location ^~ /report/config.xml { deny all; }
location ^~ /var/ { deny all; }
location ^~ /downloader/ { allow 123.456.789.0; deny all; }


location /var/export/ { ## Allow admins only to view export folder
auth_basic "Restricted"; ## Message shown in login window
auth_basic_user_file htpasswd; ## See /etc/nginx/htpassword
autoindex on;
}

location /. { ## Disable .htaccess and other hidden files
return 404;
}

location @handler { ## Magento uses a common front handler
rewrite / /index.php;
}

location ~ .php/ { ## Forward paths like /js/index.php/x.js to relevant handler
rewrite ^(.*.php)/ $1 last;
}

location ~ .php$ {
if (!-e $request_filename) { rewrite / /index.php last; } ## Catch 404s that try_files miss

expires off; ## Do not cache dynamic content
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param MAGE_RUN_CODE default; ## Store code is defined in administration > Configuration > Manage Stores
fastcgi_param MAGE_RUN_TYPE store;
include fastcgi_params;
}
}






magento-1.9 nginx






share|improve this question













share|improve this question











share|improve this question




share|improve this question










asked Apr 28 '16 at 15:48









ChrisChris

509




509





bumped to the homepage by Community 14 mins ago


This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.







bumped to the homepage by Community 14 mins ago


This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.















  • do you see your ip address in access log?

    – MagenX
    May 3 '16 at 15:25



















  • do you see your ip address in access log?

    – MagenX
    May 3 '16 at 15:25

















do you see your ip address in access log?

– MagenX
May 3 '16 at 15:25





do you see your ip address in access log?

– MagenX
May 3 '16 at 15:25










1 Answer
1






active

oldest

votes


















0














I know this i an old post, but we block access to magmi like this:



   location ~* ^/(index.php/)?magmi {

include includes/admin-ips;

deny all;


With admin-ips being a text file with a list of ipaddress eg:



allow **.***.**.**/32;





share|improve this answer
























    Your Answer








    StackExchange.ready(function() {
    var channelOptions = {
    tags: "".split(" "),
    id: "479"
    };
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function() {
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled) {
    StackExchange.using("snippets", function() {
    createEditor();
    });
    }
    else {
    createEditor();
    }
    });

    function createEditor() {
    StackExchange.prepareEditor({
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: false,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: null,
    bindNavPrevention: true,
    postfix: "",
    imageUploader: {
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    },
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    });


    }
    });














    draft saved

    draft discarded


















    StackExchange.ready(
    function () {
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fmagento.stackexchange.com%2fquestions%2f113163%2fmagento-nginx-allow-ip-deny-all-for-downloader-folder%23new-answer', 'question_page');
    }
    );

    Post as a guest















    Required, but never shown

























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    0














    I know this i an old post, but we block access to magmi like this:



       location ~* ^/(index.php/)?magmi {

    include includes/admin-ips;

    deny all;


    With admin-ips being a text file with a list of ipaddress eg:



    allow **.***.**.**/32;





    share|improve this answer




























      0














      I know this i an old post, but we block access to magmi like this:



         location ~* ^/(index.php/)?magmi {

      include includes/admin-ips;

      deny all;


      With admin-ips being a text file with a list of ipaddress eg:



      allow **.***.**.**/32;





      share|improve this answer


























        0












        0








        0







        I know this i an old post, but we block access to magmi like this:



           location ~* ^/(index.php/)?magmi {

        include includes/admin-ips;

        deny all;


        With admin-ips being a text file with a list of ipaddress eg:



        allow **.***.**.**/32;





        share|improve this answer













        I know this i an old post, but we block access to magmi like this:



           location ~* ^/(index.php/)?magmi {

        include includes/admin-ips;

        deny all;


        With admin-ips being a text file with a list of ipaddress eg:



        allow **.***.**.**/32;






        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered Mar 8 '17 at 16:20









        PaddyDPaddyD

        104114




        104114






























            draft saved

            draft discarded




















































            Thanks for contributing an answer to Magento Stack Exchange!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fmagento.stackexchange.com%2fquestions%2f113163%2fmagento-nginx-allow-ip-deny-all-for-downloader-folder%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            Popular posts from this blog

            “%fieldName is a required field.”, in Magento2 REST API Call for GET Method Type The Next...

            How to change City field to a dropdown in Checkout step Magento 2Magento 2 : How to change UI field(s)...

            變成蝙蝠會怎樣? 參考資料 外部連結 导航菜单Thomas Nagel, "What is it like to be a...