{"id":2775,"date":"2020-12-17T06:45:03","date_gmt":"2020-12-17T06:45:03","guid":{"rendered":"https:\/\/ubiq.co\/tech-blog\/?p=2775"},"modified":"2025-09-24T07:37:37","modified_gmt":"2025-09-24T07:37:37","slug":"nginx-restrict-access-to-directory-and-subdirectories","status":"publish","type":"post","link":"https:\/\/ubiq.co\/tech-blog\/nginx-restrict-access-to-directory-and-subdirectories\/","title":{"rendered":"NGINX Restrict Access to Directory and Subdirectories"},"content":{"rendered":"\n<p>NGINX is a popular web server used by many web developers and organizations. It allows you to easily manage large websites and control access to their web pages. Many web administrators need to limit access to certain folders and subfolders on your website, due to their sensitive nature of information. In this article, we will learn how to use NGINX server to restrict access to directory &amp; subdirectory. <\/p>\n\n\n\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_82_2 counter-hierarchy ez-toc-counter ez-toc-grey ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/ubiq.co\/tech-blog\/nginx-restrict-access-to-directory-and-subdirectories\/#Why_Restrict_Access_to_Directories_in_NGINX\" >Why Restrict Access to Directories in NGINX<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/ubiq.co\/tech-blog\/nginx-restrict-access-to-directory-and-subdirectories\/#NGINX_Restrict_Access_to_Directory_and_Subdirectories\" >NGINX Restrict Access to Directory and Subdirectories<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/ubiq.co\/tech-blog\/nginx-restrict-access-to-directory-and-subdirectories\/#1_Open_NGINX_configuration_file\" >1. Open NGINX configuration file<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/ubiq.co\/tech-blog\/nginx-restrict-access-to-directory-and-subdirectories\/#2_Restrict_Access_to_URL\" >2. Restrict Access to URL<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/ubiq.co\/tech-blog\/nginx-restrict-access-to-directory-and-subdirectories\/#Restrict_Access_from_Single_IP\" >Restrict Access from Single IP<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/ubiq.co\/tech-blog\/nginx-restrict-access-to-directory-and-subdirectories\/#Restrict_Access_from_Multiple_IPs\" >Restrict Access from Multiple IPs<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/ubiq.co\/tech-blog\/nginx-restrict-access-to-directory-and-subdirectories\/#Restrict_Access_from_Range_of_IP_addresses\" >Restrict Access from Range of IP addresses<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"https:\/\/ubiq.co\/tech-blog\/nginx-restrict-access-to-directory-and-subdirectories\/#Restrict_from_All_Except_One_IP\" >Restrict from All Except One IP<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-9\" href=\"https:\/\/ubiq.co\/tech-blog\/nginx-restrict-access-to-directory-and-subdirectories\/#3_Restart_NGINX_Server\" >3. Restart NGINX Server<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-10\" href=\"https:\/\/ubiq.co\/tech-blog\/nginx-restrict-access-to-directory-and-subdirectories\/#Conclusion\" >Conclusion<\/a><\/li><\/ul><\/nav><\/div>\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Why_Restrict_Access_to_Directories_in_NGINX\"><\/span>Why Restrict Access to Directories in NGINX<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>Websites contain private URLs and sensitive data that should be protected from public access. Otherwise, it can result in data leaks. In many organizations, administrators are required to allow only authorized access to certain web pages. This is mostly required in intranet or corporate websites. Sometimes your website may be under persistent attack from malicious bots sending requests from certain IP addresses. In all these cases, you need to restrict access to directories, subdirectories, URLs and files on your website. NGINX allows you to easily control access using <em>Deny<\/em> and <em>Allow<\/em> directives. We will learn how to use them to our advantage.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"NGINX_Restrict_Access_to_Directory_and_Subdirectories\"><\/span>NGINX Restrict Access to Directory and Subdirectories<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>For our purpose, we will use <a href=\"https:\/\/nginx.org\/en\/docs\/http\/ngx_http_access_module.html\" target=\"_blank\" rel=\"noreferrer noopener\">ngx_http_access_module<\/a>. It mainly supports two directives &#8211; allow and deny. Allow directive is used to allow requests from IP address, network or range of IP addresses. You can place the allow directive in http, server or location blocks of your server configuration. Here is its syntax.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">allow address | CIDR | unix: | all;<\/pre>\n\n\n\n<p>Similarly, deny directive is used to block access from IP address, network or address range. It can also be placed in http, server and location blocks. Here is its syntax.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">deny address | CIDR | unix: | all;<\/pre>\n\n\n\n<p>Here are the steps to restrict access to directory and subdirectories in NGINX. <\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"1_Open_NGINX_configuration_file\"><\/span>1. Open NGINX configuration file<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>Open terminal and run the following command to open NGINX configuration file.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">$ sudo vi \/etc\/nginx\/nginx.conf<\/pre>\n\n\n\n<p>If you have configured separate virtual hosts for your website (e.g <em>www.example.com<\/em>), such as <em>\/etc\/nginx\/sites-enabled\/example.conf<\/em> then open its configuration with the following command<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">$ sudo vi&nbsp;\/etc\/nginx\/sites-enabled\/example.conf<\/pre>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"2_Restrict_Access_to_URL\"><\/span>2. Restrict Access to URL<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>Let us say you want to limit access to <em>\/product<\/em> directory by IP 45.34.21.10.<\/p>\n\n\n\n<p>In that case add the <em>Deny<\/em> directive<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">Deny 45.34.21.10<\/pre>\n\n\n\n<p>On the other hand, if you want to allow access from this IP add the following directive.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">Allow 45.34.21.10<\/pre>\n\n\n\n<p>Let us look at some common use cases.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Restrict_Access_from_Single_IP\"><\/span>Restrict Access from Single IP<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>Let us say you want to block access to \/product from just one IP address 45.34.21.10. In this case, add the following Deny directive in the location block for <em>\/product<\/em>, in your NGINX server configuration.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">location \/product {\n   ...\n   deny 45.34.21.10;\n   ...\n}<\/pre>\n\n\n\n<p>You can use the same directive to restrict access to subfolders, URLs as well as files. Here is an example to restrict access to subfolder \/product\/data.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">location \/product\/data {<br>   ...<br>   deny 45.34.21.10;<br>   ...<br>}<\/pre>\n\n\n\n<p>Here is an example to restrict access to specific URL \/test.html<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">location \/test.html {<br>   ...<br>   deny 45.34.21.10;<br>   ...<br>}<\/pre>\n\n\n\n<p>Here is an example to restrict access to file data.pdf<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">location \/data.pdf {<br>   ...<br>   deny 45.34.21.10;<br>   ...<br>}<\/pre>\n\n\n\n<p>If you place the deny directive in server block then it will be applicable for all URLs pertaining to the domain that this server handles. If you place it in http block, it will be applied to all domains and virtual hosts served by the http block.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Restrict_Access_from_Multiple_IPs\"><\/span>Restrict Access from Multiple IPs<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>Let us say you want to block access from multiple IPs. In this case, add separate Deny statements, one for each IP as shown.<\/p>\n\n\n\n<pre id=\"block-5426c195-9337-4445-b4ae-a195f1ab66a1\" class=\"wp-block-preformatted\">location \/product {<br>   ...<br>   Deny 45.34.21.10;<br>   Deny 54.23.10.13;<br>   ...<br>}<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Restrict_Access_from_Range_of_IP_addresses\"><\/span>Restrict Access from Range of IP addresses<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>If you want to limit access to directory for an IP range such as 45.23.10.0-45.23.10.255 then specify IP range using <a href=\"https:\/\/www.ipaddressguide.com\/cidr\" target=\"_blank\" rel=\"noreferrer noopener\">CIDR notation<\/a>.<\/p>\n\n\n\n<pre id=\"block-c04457f9-d1bf-4951-bb1f-f63fe49dc40e\" class=\"wp-block-preformatted\">location \/product {<br>   ...<br>   Deny 45.34.21.0\/24;<br>   ...<br>}<\/pre>\n\n\n\n<p>You can also use a combination of both if you want, as shown below. Here you specify one IP address in one Deny statement, and use a CIDR notation in another statement. If you want to limit access to directory for an IP range such as 45.23.10.0-45.23.10.255 then specify IP range using CIDR notation.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">location \/product {<br>   ...<br>   Deny 54.43.32.21;<br>   Deny 45.34.21.0\/24;<br>   ...<br>}<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Restrict_from_All_Except_One_IP\"><\/span>Restrict from All Except One IP<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>If you want to restrict access to folders and subfolders by all IPs except one known IP 45.34.21.10, then add the following Deny and Allow statements as shown.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">location \/product {\n   ...\n   Allow 45.34.21.10;\n   Deny All;\n   ...\n}<\/pre>\n\n\n\n<p>The allow statement will allow access to specified IP and deny statement will limit access to all other IPs. <\/p>\n\n\n\n<p>If <a href=\"https:\/\/ubiq.co\/tech-blog\/enable-cors-nginx\/\">Cross Origin Resource Sharing(CORS) is available on your NGINX server<\/a>, check if its rules conflict with the above mentioned ones.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"3_Restart_NGINX_Server\"><\/span>3. Restart NGINX Server<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>Finally, run the following command to check syntax of your updated config file.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">$ sudo nginx -t<\/pre>\n\n\n\n<p>If there are no errors, run the following command to restart NGINX server.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">$ sudo service nginx reload #debian\/ubuntu\n$ systemctl restart nginx #redhat\/centos\n<\/pre>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Conclusion\"><\/span>Conclusion<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>In this tutorial, we have learnt how to restrict access to a specific directory, sub directory, URL and file in NGINX, using Deny directive. The key part is to construct the Deny statement using the appropriate IP address, or range of IPs. Then place the statement in the right location block of the directory or URL. If you want to block access from multiple IP addresses, add separate Deny statements, one for each IP. If you want to block access from range of IPs, then use CIDR notation to specify the range. You can also use Deny in combination with Allow statement to block many IP addresses except a few. Finally, please note, if you place the statement in server block it will restrict access to all URLs on your server. So be careful how you use it. Nevertheless, it is very easy and flexible to control access in NGINX.<\/p>\n\n\n\n<p>Also read:<br><a href=\"https:\/\/ubiq.co\/tech-blog\/nginx-restrict-access-to-url\/\">How to Restrict Access to URL in NGINX<\/a><br><a href=\"https:\/\/ubiq.co\/tech-blog\/how-to-configure-nginx-log-rotation\/\">How to Configure Log Rotation in NGINX<\/a><br><a href=\"https:\/\/ubiq.co\/tech-blog\/how-to-fix-nginx-worker-connections-are-not-enough\/\">How to Fix Too Many Workers Error in NGINX<\/a><\/p>\n\n\n\n<p><a href=\"http:\/\/ubiq.co\/\">Ubiq<\/a>&nbsp;makes it easy to visualize data in minutes, and monitor in real-time dashboards.&nbsp;<a href=\"http:\/\/ubiq.co\/accounts\/register\">Try it<\/a> today!<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Learn how to limit access to directory and subdirectory in NGINX using deny and allow access control directives.<\/p>\n","protected":false},"author":1,"featured_media":2781,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[9],"tags":[249],"class_list":["post-2775","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-nginx","tag-restrict-access"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.3 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>NGINX Restrict Access to Directory and Subdirectories - Ubiq BI<\/title>\n<meta name=\"description\" content=\"Learn how to limit access to directory and subdirectory in NGINX using deny and allow access control directives.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/ubiq.co\/tech-blog\/nginx-restrict-access-to-directory-and-subdirectories\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"NGINX Restrict Access to Directory and Subdirectories - Ubiq BI\" \/>\n<meta property=\"og:description\" content=\"Learn how to limit access to directory and subdirectory in NGINX using deny and allow access control directives.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/ubiq.co\/tech-blog\/nginx-restrict-access-to-directory-and-subdirectories\/\" \/>\n<meta property=\"og:site_name\" content=\"Ubiq BI\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/ubiqbi\" \/>\n<meta property=\"article:published_time\" content=\"2020-12-17T06:45:03+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-09-24T07:37:37+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/ubiq.co\/tech-blog\/wp-content\/uploads\/2020\/12\/nginx-restrict-access.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1460\" \/>\n\t<meta property=\"og:image:height\" content=\"730\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Sreeram Sreenivasan\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@UbiqBI\" \/>\n<meta name=\"twitter:site\" content=\"@UbiqBI\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Sreeram Sreenivasan\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/ubiq.co\\\/tech-blog\\\/nginx-restrict-access-to-directory-and-subdirectories\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/ubiq.co\\\/tech-blog\\\/nginx-restrict-access-to-directory-and-subdirectories\\\/\"},\"author\":{\"name\":\"Sreeram Sreenivasan\",\"@id\":\"https:\\\/\\\/ubiq.co\\\/tech-blog\\\/#\\\/schema\\\/person\\\/db98d49a766a3a111d8510935ab90abc\"},\"headline\":\"NGINX Restrict Access to Directory and Subdirectories\",\"datePublished\":\"2020-12-17T06:45:03+00:00\",\"dateModified\":\"2025-09-24T07:37:37+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/ubiq.co\\\/tech-blog\\\/nginx-restrict-access-to-directory-and-subdirectories\\\/\"},\"wordCount\":931,\"image\":{\"@id\":\"https:\\\/\\\/ubiq.co\\\/tech-blog\\\/nginx-restrict-access-to-directory-and-subdirectories\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/i0.wp.com\\\/ubiq.co\\\/tech-blog\\\/wp-content\\\/uploads\\\/2020\\\/12\\\/nginx-restrict-access.png?fit=1460%2C730&ssl=1\",\"keywords\":[\"restrict access\"],\"articleSection\":[\"Nginx\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/ubiq.co\\\/tech-blog\\\/nginx-restrict-access-to-directory-and-subdirectories\\\/\",\"url\":\"https:\\\/\\\/ubiq.co\\\/tech-blog\\\/nginx-restrict-access-to-directory-and-subdirectories\\\/\",\"name\":\"NGINX Restrict Access to Directory and Subdirectories - Ubiq BI\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/ubiq.co\\\/tech-blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/ubiq.co\\\/tech-blog\\\/nginx-restrict-access-to-directory-and-subdirectories\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/ubiq.co\\\/tech-blog\\\/nginx-restrict-access-to-directory-and-subdirectories\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/i0.wp.com\\\/ubiq.co\\\/tech-blog\\\/wp-content\\\/uploads\\\/2020\\\/12\\\/nginx-restrict-access.png?fit=1460%2C730&ssl=1\",\"datePublished\":\"2020-12-17T06:45:03+00:00\",\"dateModified\":\"2025-09-24T07:37:37+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/ubiq.co\\\/tech-blog\\\/#\\\/schema\\\/person\\\/db98d49a766a3a111d8510935ab90abc\"},\"description\":\"Learn how to limit access to directory and subdirectory in NGINX using deny and allow access control directives.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/ubiq.co\\\/tech-blog\\\/nginx-restrict-access-to-directory-and-subdirectories\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/ubiq.co\\\/tech-blog\\\/nginx-restrict-access-to-directory-and-subdirectories\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/ubiq.co\\\/tech-blog\\\/nginx-restrict-access-to-directory-and-subdirectories\\\/#primaryimage\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/ubiq.co\\\/tech-blog\\\/wp-content\\\/uploads\\\/2020\\\/12\\\/nginx-restrict-access.png?fit=1460%2C730&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/ubiq.co\\\/tech-blog\\\/wp-content\\\/uploads\\\/2020\\\/12\\\/nginx-restrict-access.png?fit=1460%2C730&ssl=1\",\"width\":1460,\"height\":730,\"caption\":\"restrict access to directory in nginx\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/ubiq.co\\\/tech-blog\\\/nginx-restrict-access-to-directory-and-subdirectories\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/ubiq.co\\\/tech-blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"NGINX Restrict Access to Directory and Subdirectories\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/ubiq.co\\\/tech-blog\\\/#website\",\"url\":\"https:\\\/\\\/ubiq.co\\\/tech-blog\\\/\",\"name\":\"Ubiq BI\",\"description\":\"Build dashboards &amp; reports in minutes\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/ubiq.co\\\/tech-blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/ubiq.co\\\/tech-blog\\\/#\\\/schema\\\/person\\\/db98d49a766a3a111d8510935ab90abc\",\"name\":\"Sreeram Sreenivasan\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/4b3127ed2d4bb8efb3fa0bbb52cf2efd4d0156c97fc05a503537c883e8279947?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/4b3127ed2d4bb8efb3fa0bbb52cf2efd4d0156c97fc05a503537c883e8279947?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/4b3127ed2d4bb8efb3fa0bbb52cf2efd4d0156c97fc05a503537c883e8279947?s=96&d=mm&r=g\",\"caption\":\"Sreeram Sreenivasan\"},\"description\":\"Sreeram Sreenivasan is the Founder of Ubiq. He has helped many Fortune 500 companies in the areas of BI &amp; software development.\",\"sameAs\":[\"https:\\\/\\\/www.linkedin.com\\\/in\\\/sreeram-sreenivasan\\\/\"],\"url\":\"https:\\\/\\\/ubiq.co\\\/tech-blog\\\/author\\\/wordpress\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"NGINX Restrict Access to Directory and Subdirectories - Ubiq BI","description":"Learn how to limit access to directory and subdirectory in NGINX using deny and allow access control directives.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/ubiq.co\/tech-blog\/nginx-restrict-access-to-directory-and-subdirectories\/","og_locale":"en_US","og_type":"article","og_title":"NGINX Restrict Access to Directory and Subdirectories - Ubiq BI","og_description":"Learn how to limit access to directory and subdirectory in NGINX using deny and allow access control directives.","og_url":"https:\/\/ubiq.co\/tech-blog\/nginx-restrict-access-to-directory-and-subdirectories\/","og_site_name":"Ubiq BI","article_publisher":"https:\/\/www.facebook.com\/ubiqbi","article_published_time":"2020-12-17T06:45:03+00:00","article_modified_time":"2025-09-24T07:37:37+00:00","og_image":[{"width":1460,"height":730,"url":"https:\/\/ubiq.co\/tech-blog\/wp-content\/uploads\/2020\/12\/nginx-restrict-access.png","type":"image\/png"}],"author":"Sreeram Sreenivasan","twitter_card":"summary_large_image","twitter_creator":"@UbiqBI","twitter_site":"@UbiqBI","twitter_misc":{"Written by":"Sreeram Sreenivasan","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/ubiq.co\/tech-blog\/nginx-restrict-access-to-directory-and-subdirectories\/#article","isPartOf":{"@id":"https:\/\/ubiq.co\/tech-blog\/nginx-restrict-access-to-directory-and-subdirectories\/"},"author":{"name":"Sreeram Sreenivasan","@id":"https:\/\/ubiq.co\/tech-blog\/#\/schema\/person\/db98d49a766a3a111d8510935ab90abc"},"headline":"NGINX Restrict Access to Directory and Subdirectories","datePublished":"2020-12-17T06:45:03+00:00","dateModified":"2025-09-24T07:37:37+00:00","mainEntityOfPage":{"@id":"https:\/\/ubiq.co\/tech-blog\/nginx-restrict-access-to-directory-and-subdirectories\/"},"wordCount":931,"image":{"@id":"https:\/\/ubiq.co\/tech-blog\/nginx-restrict-access-to-directory-and-subdirectories\/#primaryimage"},"thumbnailUrl":"https:\/\/i0.wp.com\/ubiq.co\/tech-blog\/wp-content\/uploads\/2020\/12\/nginx-restrict-access.png?fit=1460%2C730&ssl=1","keywords":["restrict access"],"articleSection":["Nginx"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/ubiq.co\/tech-blog\/nginx-restrict-access-to-directory-and-subdirectories\/","url":"https:\/\/ubiq.co\/tech-blog\/nginx-restrict-access-to-directory-and-subdirectories\/","name":"NGINX Restrict Access to Directory and Subdirectories - Ubiq BI","isPartOf":{"@id":"https:\/\/ubiq.co\/tech-blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/ubiq.co\/tech-blog\/nginx-restrict-access-to-directory-and-subdirectories\/#primaryimage"},"image":{"@id":"https:\/\/ubiq.co\/tech-blog\/nginx-restrict-access-to-directory-and-subdirectories\/#primaryimage"},"thumbnailUrl":"https:\/\/i0.wp.com\/ubiq.co\/tech-blog\/wp-content\/uploads\/2020\/12\/nginx-restrict-access.png?fit=1460%2C730&ssl=1","datePublished":"2020-12-17T06:45:03+00:00","dateModified":"2025-09-24T07:37:37+00:00","author":{"@id":"https:\/\/ubiq.co\/tech-blog\/#\/schema\/person\/db98d49a766a3a111d8510935ab90abc"},"description":"Learn how to limit access to directory and subdirectory in NGINX using deny and allow access control directives.","breadcrumb":{"@id":"https:\/\/ubiq.co\/tech-blog\/nginx-restrict-access-to-directory-and-subdirectories\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/ubiq.co\/tech-blog\/nginx-restrict-access-to-directory-and-subdirectories\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/ubiq.co\/tech-blog\/nginx-restrict-access-to-directory-and-subdirectories\/#primaryimage","url":"https:\/\/i0.wp.com\/ubiq.co\/tech-blog\/wp-content\/uploads\/2020\/12\/nginx-restrict-access.png?fit=1460%2C730&ssl=1","contentUrl":"https:\/\/i0.wp.com\/ubiq.co\/tech-blog\/wp-content\/uploads\/2020\/12\/nginx-restrict-access.png?fit=1460%2C730&ssl=1","width":1460,"height":730,"caption":"restrict access to directory in nginx"},{"@type":"BreadcrumbList","@id":"https:\/\/ubiq.co\/tech-blog\/nginx-restrict-access-to-directory-and-subdirectories\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/ubiq.co\/tech-blog\/"},{"@type":"ListItem","position":2,"name":"NGINX Restrict Access to Directory and Subdirectories"}]},{"@type":"WebSite","@id":"https:\/\/ubiq.co\/tech-blog\/#website","url":"https:\/\/ubiq.co\/tech-blog\/","name":"Ubiq BI","description":"Build dashboards &amp; reports in minutes","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/ubiq.co\/tech-blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/ubiq.co\/tech-blog\/#\/schema\/person\/db98d49a766a3a111d8510935ab90abc","name":"Sreeram Sreenivasan","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/4b3127ed2d4bb8efb3fa0bbb52cf2efd4d0156c97fc05a503537c883e8279947?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/4b3127ed2d4bb8efb3fa0bbb52cf2efd4d0156c97fc05a503537c883e8279947?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/4b3127ed2d4bb8efb3fa0bbb52cf2efd4d0156c97fc05a503537c883e8279947?s=96&d=mm&r=g","caption":"Sreeram Sreenivasan"},"description":"Sreeram Sreenivasan is the Founder of Ubiq. He has helped many Fortune 500 companies in the areas of BI &amp; software development.","sameAs":["https:\/\/www.linkedin.com\/in\/sreeram-sreenivasan\/"],"url":"https:\/\/ubiq.co\/tech-blog\/author\/wordpress\/"}]}},"jetpack_featured_media_url":"https:\/\/i0.wp.com\/ubiq.co\/tech-blog\/wp-content\/uploads\/2020\/12\/nginx-restrict-access.png?fit=1460%2C730&ssl=1","jetpack_shortlink":"https:\/\/wp.me\/pbGGTT-IL","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ubiq.co\/tech-blog\/wp-json\/wp\/v2\/posts\/2775","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ubiq.co\/tech-blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ubiq.co\/tech-blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ubiq.co\/tech-blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/ubiq.co\/tech-blog\/wp-json\/wp\/v2\/comments?post=2775"}],"version-history":[{"count":19,"href":"https:\/\/ubiq.co\/tech-blog\/wp-json\/wp\/v2\/posts\/2775\/revisions"}],"predecessor-version":[{"id":9644,"href":"https:\/\/ubiq.co\/tech-blog\/wp-json\/wp\/v2\/posts\/2775\/revisions\/9644"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ubiq.co\/tech-blog\/wp-json\/wp\/v2\/media\/2781"}],"wp:attachment":[{"href":"https:\/\/ubiq.co\/tech-blog\/wp-json\/wp\/v2\/media?parent=2775"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ubiq.co\/tech-blog\/wp-json\/wp\/v2\/categories?post=2775"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ubiq.co\/tech-blog\/wp-json\/wp\/v2\/tags?post=2775"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}