Hello,

I want to secure a site using the allow/deny directives so that only
allowed networks will be able to access it. There is one "public"
directory, however, that I want to be accessible for everyone.

nginx serves as a reverse proxy on that site, and requests for URIs that
end with the suffix ".cfm" are proxied to Tomcat.

So I currently have something like:

location / {
allow 10.0.0.0/24;
deny all;
}

location /public/ {
allow all; # does that make sense?
}

location ~ \.cfm$ {
## proxy settings go here
}

Keep in mind that .cfm scripts are both in /public/ as well as in other
directories.

How can I achieve that?

Thanks,

Igal Sapir
Lucee Core Developer
Lucee.org http://lucee.org/

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx