0

I'm trying to deny access to all IP's but mine to the admin panel of my website.

Like so:

location /admin {
    allow my.ip.add.ess;
    deny all;
}

This works. The problem is, "/index.php/admin" also works to access the admin login page, and the block "location /index.php/admin" doesn't work.

Why doesn't the following work?

location /index.php/admin {
    allow my.ip.add.ess;
    deny all;
}

Is there any simpler way to accomplish what I want? Basically, every URL that has "/admin" on it should only be accessable by my IP.

ndnenkov
  • 35,425
  • 9
  • 72
  • 104
pedropeixoto
  • 1,633
  • 2
  • 27
  • 52
  • See my answer here: http://stackoverflow.com/questions/31937599/excluding-directory-from-regex-redirect/31993702#31993702 – Dayo Aug 27 '15 at 17:08
  • Thanks for your comment. Unfortunately, when I tried your solution, it worked for blocking other IP addresses, but gave out a 404 error on mine. This is a Magento platform by the way, and my custom admin url has a "_" in it. I don't know if that's relevant. – pedropeixoto Aug 28 '15 at 09:58
  • I meant trying `\badmin\b` in place of the first example you gave as this would also cover the second example. You just then need to make sure you have the relevant config details in the location block – Dayo Aug 28 '15 at 12:19

0 Answers0