Allowing web access to forbidden directories
Table of Contents
By default, the security rules on MageStack prevent web access to important Magento directories. For example, if you need to access a file via a web browser in ./var/export
- you'll see a 403 Forbidden
message.
Examples
Granting access by IP
Using some Nginx rules, its possible to permit access to the var
directory. Use an obscure URL to hide the directory (if desired), in this example, /secure
has been used in place of /var
.
In ___general/example.com.conf
add the following,
location ~* ^/(secure|var)/(?<directory>(export)) {
rewrite ^/([^/]+)/([^/]+)/(.*)$ /var/$2/$3 break;
allow 127.0.0.1;
deny all;
break;
}
Add more IP addresses to the access list by adding the following line (repeat as many times as necessary),
allow 127.0.0.1;
Then access the new URL, Eg. https://www.example.com/secure/export/my_export.csv