Allowing web access to forbidden directories

By default, the security rules on MageStack prevent web access to important Magento directories. For example, if you need to access a file via a web browser in ./var/export - you'll see a 403 Forbidden message.

Examples

Granting access by IP

Using some Nginx rules, its possible to permit access to the var directory. Use an obscure URL to hide the directory (if desired), in this example, /secure has been used in place of /var.

In ___general/example.com.conf add the following,

location ~* ^/(secure|var)/(?<directory>(export)) {
  rewrite ^/([^/]+)/([^/]+)/(.*)$ /var/$2/$3 break;
  allow 127.0.0.1;
  deny all;
  break;
}

Add more IP addresses to the access list by adding the following line (repeat as many times as necessary),

allow 127.0.0.1;

Then access the new URL, Eg. https://www.example.com/secure/export/my_export.csv