-1

I have a URL...

/index.php?option=com_docman&task=doc_download&gid= // many gid's

I want to use an NGINX location block with a wildcard to "DENY ALL" any urls containing "option=com_docman"

In various regex testers....

^(.*)(option)(.*)(com_docman)$ // Works fine for normal regex

However when testing in my nginx.conf file... the following does not work.

location ~ ^(.*)(option)(.*)(com_docman)(.*)$ {
    Deny All;
}

Bonus Is there a way to get robots.txt to address wildcard urls in the same way?

Edit Not sure why downvoted... anyone want to tell me what obvious thing i'm doing wrong here?

iwaseatenbyagrue
  • 3,688
  • 15
  • 24
Jonathan Coe
  • 391
  • 1
  • 3
  • 11

2 Answers2

1

Your basic issue seems to be syntax - Deny is not a valid keyword.

The documentation for nginx's access module (https://nginx.org/en/docs/http/ngx_http_access_module.html) provides the correct syntax, which is deny all;.

Potentially, you could have identified the problem by running a config check:

$ nginx -t
nginx: [emerg] unknown directive "Deny" in /etc/nginx/nginx.conf:48

I can't speak for why your question was downvoted, but its title and actual content don't necessary match up - you are really trying to deny access to a URL endpoint based on some parameters, rather than doing wildcard denial.

Your question also had both apache and nginx tags (see https://serverfault.com/help/tagging), while it is really only about nginx.

I suspect you might also want to check https://serverfault.com/help/how-to-ask - it isn't clear how much research you had done prior to asking the question.

iwaseatenbyagrue
  • 3,688
  • 15
  • 24
0

location directive matches only the normalized URI, and that does not include query arguments.

You can use the following to block requests that have option argument with value com_docman:

if ($arg_option = "com_docman") {
    deny all;
}
Tero Kilkanen
  • 36,796
  • 3
  • 41
  • 63