0

I've tried countless wildcard/regex combinations to no avail for the below code. Basically just want it to capture any sub-directory of the /protected/ folder. If I use the below code for a specific folder, it works, but if I try stuff like location ^~ /protected/*/or location ^~ /protected/[a-zA-Z0-9]+/ it breaks...

Any suggestions?

location ^~ /protected/sub-folder-01/ {
    if ($cookie_amember_nr !~* [a-zA-Z0-9]+) { #not authorized
        rewrite ^(.*)$ /members/protect/new-rewrite?f=5&url=$request_uri?$args redirect;
    }
    set $file $document_root/members/data/new-rewrite/$cookie_amember_nr-5;
    if (!-f $file) { #have not access
        rewrite ^(.*)$ /members/no-access/folder/id/5?url=$request_uri?$args redirect;
    }    
    #everything is ok
}

Thank you!

Jennifer W
  • 1
  • Define "breaks". – womble Mar 10 '20 at 02:07
  • Sorry. I'll either get an error when reloading NGINX that the vhost config contains "Invalid number of arguments in the location directive", or I'll get no error, but it just simply doesn't work (to protect the folders/files)... – Jennifer W Mar 10 '20 at 02:41
  • 2
    `location ^~` doesn’t allow regexp. You have to use `location ~`. Btw, what’s wrong with simple `location ^~ /protected/`? – Alexey Ten Mar 10 '20 at 05:25
  • @AlexeyTen thank you for the response! location ^~ /protected/ will protect all of it's sub-directories, too? I also need to use regex for the "folder number", as the # has to correspond with the same number used in the membership software... – Jennifer W Mar 10 '20 at 18:30
  • `location ^~` uses prefix matching, so it will match anything starting with `/protected/`. Regarding the cookies, you'll need to sign the cookie to prevent tampering by clients, so you need to do it in an application anyway. – Piotr P. Karwasz Mar 10 '20 at 20:11

0 Answers0