0

I'm trying to setup a site on NGINX so the second level domain is visible publicly, but access to subdomains is restricted. Basically a dev.domain.com should be restricted to my IP, and staging.domain.com is restricted to http authentication. I also want the same restrictions applied to all sub-subdomains of those subdomains.

The server_name for each subdomain is set with the special wildcard, which I thought would effect all domains down the line, (see below). so I set location directives in the server block for each subdomain; allow/deny for server_name .dev.domain.com and auth_basic for server_name .staging.domain.com.

It's working great for the subdomains, but I'd like to have those directives also apply to all sub-subdomains (i.e.site1.dev.domain.com). Right now I have to add the directives to each sub-subdomain individually.

How do I get those directives applied to all sub-subdomains?

Here's the server block setup for staging.domain.com 

server {
    listen 80;
    listen [::]:80;
    server_name .staging.domain.com;
    root /home/forge/staging.domain.com/public;
Sirmontegu
  • 1
  • 2

1 Answers1

0

Anything you put in your http block will be inherited by all your server blocks. You can then override those settings as needed on your server blocks.

Or, you can put common setting in another file such as auth.conf and use the include directive to pull it in for each server.

Chris Malloy
  • 3
  • 1
  • I put the appropriate location directives in `/etc/nginx/sites-available/staging.domain.com` and `/etc/nginx/sites-available/dev.domain.com` respectively. I expected them to also apply to `*.sub.domain.com` based on the documentation for wildcard subdomains, but that's not the case. I'd like to avoid having to add an include to each site individually if possible. – Sirmontegu Feb 11 '17 at 21:30
  • That should be fine as long as you are matching your server block correctly. Do you have an error in your server_name directive? You might need to post some code. – Chris Malloy Feb 11 '17 at 22:08
  • Added the code for the staging server – Sirmontegu Feb 11 '17 at 23:42
  • That looks fine to me. I assume all of you location blocks for the subdomains are within this server block? You could try switching the server_name to _ as a test to see if there is a matching error. – Chris Malloy Feb 13 '17 at 01:01
  • Actually I've only seen examples of the special wildcard for subdomains, not sub-subdomains. Did you try adding the *? – Chris Malloy Feb 13 '17 at 01:14
  • Yes, that only causes it to stop applying to the subdomain also. For now I'm putting an include in the `location /` block of each site. I'm still determined to figure it out though. – Sirmontegu Feb 13 '17 at 02:00