Nginx Block IP based on URI in one ‘location’

There is currently a block of one location /

  location / {
    root  /var/www/docs;
    proxy_pass  http://backend;
    proxy_buffering     on;
    proxy_buffer_size   64k;
    proxy_buffers       256   64k;
  }

that needs to be filtered by IP.

Ideally, in order to reduce the number of repetitions of the same directives in location, I would like to perform the test within the location block

  location / {

    if ($uri ~ '^/(abc|def|ghi)') {
        allow 10.0.0.0/8;
        allow 1.2.3.4;
        deny all;
    }

    root  /var/www/docs;
    proxy_pass  http://backend;
    proxy_buffering     on;
    proxy_buffer_size   64k;
    proxy_buffers       256   64k;
  }

Unfortunately, it seems the allow/deny directives cannot be used within a if block.

"allow" directive is not allowed here in /etc/nginx/sites-enabled/mysite:20

Is there an elegant way to perform the test without repeating the location blocks?

(like

  location ~ /(abc|def|ghi) {

        allow 10.0.0.0/8;
        allow 1.2.3.4;
        deny all;

        ... 5 other lines root,proxy...
   }

  location  / {

        ... 5 other lines root,proxy...
   }

)

location / { try_files $uri @proxy; } location ~ /(abc|def|ghi) { allow 10.0.0.0/8; allow 1.2.3.4; deny all; try_files $uri @proxy; } location @proxy { root /var/www/docs; proxy_pass http://backend; proxy_buffering on; proxy_buffer_size 64k; proxy_buffers 256 64k; }

Best Answer

Like coredump said, no, use multiple locations.

But it is possible to make the contents of the location blocks less repetitive. The key here is a named location block which contains the root and proxy_... directives.

For example:

And probably even better would be to place the root directive outside all the location blocks.

Best Answer

Related Solutions

NGINX Redirect – How to Rewrite All HTTP Requests to HTTPS While Maintaining Sub-Domain

Correct way in new versions of nginx

Nginx Configuration – How to Remove Location Block from $uri

Related Topic