Hey all,

I'm a little stumped about what I'm doing wrong here. Basically I have a subdirectory that I want to restrict access to specific IP's, otherwise return a 403.

If I do the following (inside my server {} block):

server {
// normal processing code here
...

location ~ ^/my_ws$ {
allow XX.XX.XX.XX;
allow XX.XX.XX.XX/24;
deny all;
}
}

Hitting the following URL works as intended and I get a 403 if I try from anywhere other than the specified URL's: http://www.mydomain.com/my_ws

However, if there's anything AFTER that (i.e. my_ws/, my_ws/page2, my_ws?parameter1, etc.) it allows them to proceed regardless of IP.

I'm sure it's something required before or after the $, but I can't figure it out.

Thanks in advance!

Justin