How to disallow access to all dot directories except .well-known?

Question

I've got this in my nginx config:

location ~ /\. {     deny all; }  location /.well-known/ {     allow all; } 

But I still can't access http://example.com/.well-known/acme-challenge/taUUGC822PcdnCnW_aADOzObZqFm3NNM5PEzLNFJXRU. How do I allow access to just that one dot directory?

Answer 1

You have a regex location and a prefix location. The regex location takes precedence unless ^~ is used with the prefix location. Try:

location ~ /\. {     deny all; } location ^~ /.well-known/ { #   allow all; } 

See this document for details.