How to Whitelist Directory in NGINX

how to whitelist directory nginx

Sometimes, you may need to whitelist specific directories and subfolders in an otherwise protected website. Let us take a look at how to whitelist directory in NGINX.


How to Whitelist Directory in NGINX

Here are the steps to whitelist directory in NGINX.



1. Open NGINX config file

Open NGINX config file in a text editor. You will typically find it at /etc/nginx/nginx.conf

$ sudo vim /etc/nginx/nginx.conf


2. Whitelist Directory

Let’s say all pages on your website/portal are password protected/restricted and you want to allow access to all for specific directory (e.g /phpmyadmin/). In that case, add the following code to your config file. The idea is to deny all access and then allow access to specific URLs and directories.

upstream _php {
server unix:/var/run/php-fpm/php-fpm.sock;

server {

root /path/to/root;
index index.php;

include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;

# deny everything
location / { deny all; }

# allow access to phpmyadmin
location /phpmyadmin/ { } # Allow access .php files in /phpmyadmin/
location ~ ^/phpmyadmin/.*\.php$ { fastcgi_pass _php; } 


The above code will disable any authentication to the specified directories. In the above case, fastcgi_params are inherited by both location blocks (for index.php and phpmyadmin) that are passed by fastcgi_pass. You can change them as per your requirements.


3. Reload NGINX web server

Reload NGINX server to apply changes.

$ sudo service nginx reload



About Sreeram Sreenivasan

Sreeram Sreenivasan is the Founder of Ubiq, a business dashboard & reporting platform for small & medium businesses. Ubiq makes it easy to build business dashboards & reports for your business. Try it for free today!