Difference between revisions of "Nginx Directory Access Restriction"
(Created page with "This document explains how to add protection for a directory on a server that runs NGINX. NGINX does not read .htaccess files and any restrictions set with a .htaccess file w...") |
|||
| Line 40: | Line 40: | ||
<div class="source-cli">/etc/nginx/sites-available/example.com</div> | <div class="source-cli">/etc/nginx/sites-available/example.com</div> | ||
| − | ==None of the above== | + | ===None of the above=== |
If the configuration file is not found in any of the above locations, at the command prompt, run the following command: | If the configuration file is not found in any of the above locations, at the command prompt, run the following command: | ||
<div class="source-cli">nginx -t</div> | <div class="source-cli">nginx -t</div> | ||
Revision as of 01:17, 28 January 2020
This document explains how to add protection for a directory on a server that runs NGINX.
NGINX does not read .htaccess files and any restrictions set with a .htaccess file will not apply. WHMCS uses a .htaccess file to protect the /vendor/ directory. This directory loses its protection on servers that runs NGINX. The below guide demonstrates how to restrict access to this directory.
Contents
Restricting Directory Access
- Login to the web server.
- Locate the Nginx configuration template (see "Locating the Nginx configuration template")
- Add the deny directive (a sample is provided below) to the server block of your site's configuration
- Save your changes and restart Nginx
The Deny Directive
server {
location ~ /vendor/ {
deny all;
return 403;
}
...
}
Locating the Nginx configuration file
Nginx has a very flexible configuration organization. Because of this, your configuration file may be in a number of different places.
cPanel & WHM
The following path is the default location for the Nginx configuration file on cPanel & WHM servers:
Debian & Ubuntu
The following path is the most common location:
Often times administrators will setup configuration files for each site individually. In this case, you can often find the configuration files for each domain in the /sites-available directory:
None of the above
If the configuration file is not found in any of the above locations, at the command prompt, run the following command:
The output should display the current directory path to your server's Nginx configuration file. The output will should resemble the following example:
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
To check if the Nginx configuration file contains any include directives, run the following command:
If the grep command does not return any output, then you can proceed with your changes to the configuration. If the grep command returns any includes, you must check each include file for the server directive. The following grep command output example displays an Nginx configuration file that contains includes:
include /etc/nginx/modules-enabled/*.conf;
include /etc/nginx/mime.types;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
If none are found, the `server` block should be found in the config file found with `nginx -t`.
If included configuration files are found, it will be necessary to check each of the included files for the `server` directive.
Restarting Nginx
After making any configuration changes to Nginx, it is necessary to reload the Nginx config.
cPanel & WHM
Run the following command:
Other Operating Systems
CentOS 6:
CentOS 7:
Debian/Ubuntu: