I'm trying to deny access to all locations on the server, unless the user has a specific IP address or enteres a password. This part is working. I'm also trying to add an exception, where any path starting with /Public is allowed by anyone with no password. I've tried to override it in a location block, but this doesn't seem to have any effect.


server {

...

satisfy any;
allow xx.xxx.xxx.xxx;
deny all;
auth_basic "Restricted";
auth_basic_user_file /x/y/z;

location ~* ^/Public {
satisfy any;
allow all;
}

location / {
try_files fake.html @apache;
}

}


I've also tried nesting like:

location / {
location ~* ^/Public {
satisfy any;
allow all;
}
try_files fake.html @apache;
}

But it always requires a password, even on Public. How can I override security on just the one folder?