nginx secure /user drupal

July 2, 2012

If you are not serving Drupal out of a subdirectory, use this config example:

     
# Catch-all: serve the requested file from disk when it exists, so static
# content never reaches PHP; otherwise fall through to the @rewrite location.
location / {
        try_files $uri @rewrite;
}

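 # Named fallback used by try_files: hand the request to Drupal's front
 # controller, passing the original path in the q argument.
 location @rewrite {
                 # Some modules enforce no slash (/) at the end of the URL,
                 # else this rewrite block wouldn't be needed (GlobalRedirect).
                 # (These two lines must be comments: as bare text nginx
                 # cannot parse the configuration.)
                 # The replacement contains '?', so nginx appends the original
                 # query string after q automatically.
                 rewrite ^/(.*)$ /index.php?q=$1;
        }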
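        # Restrict Drupal's /user pages to loopback and RFC 1918 private
        # addresses; every other client is refused by "deny all".
        #
        # One case-insensitive regex location replaces the separate /user and
        # /User prefix blocks, so other spellings such as /USER are covered too.
        # Regex locations are tried in file order: keep this one above any
        # other regex location (for example a PHP handler) that could match.
        #
        # Caveats:
        #  - allow/deny test the connecting address. Behind a load balancer or
        #    reverse proxy inside one of these ranges every client looks
        #    internal unless the real address is restored (set_real_ip_from /
        #    real_ip_header from ngx_http_realip_module).
        #  - Only the request path is matched here. Drupal receives its path
        #    in the q argument (see the rewrite to /index.php?q=...), so
        #    requests addressed to index.php directly are not covered by this
        #    block and need their own restriction.
        location ~* ^/user {
                 allow 127.0.0.1;
                 allow 10.0.0.0/8;
                 allow 172.16.0.0/12;
                 allow 192.168.0.0/16;
                 deny all;
                 # Allowed clients continue exactly like "location /".
                 try_files $uri @rewrite;
        }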

If you are serving Drupal out of a subdirectory (/some_subdir) and want to restrict access to the /user URI by client IP address:

     # Catch-all: serve the requested file from disk when it exists, so static
     # content never reaches PHP; otherwise fall through to @rewrite.
     location / {
             try_files $uri @rewrite;
     }

        # Named fallback for a Drupal site living in a subdirectory: the first
        # path segment selects the directory, the remainder becomes q.
        location @rewrite {
                # NOTE(review): nginx already appends the original query string
                # when the replacement contains '?', so "&$args" probably
                # repeats it - confirm before removing.
                rewrite ^/([^/]*)/(.*)(/?)$ /$1/index.php?q=$2&$args;
        }
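        # Restrict the /user pages of the Drupal site under /some_subdir to
        # loopback and RFC 1918 private addresses; all other clients are
        # refused by "deny all".
        #
        # One case-insensitive regex location replaces the separate
        # /some_subdir/user and /some_subdir/User prefix blocks, so other
        # spellings of "user" are covered too. Regex locations are tried in
        # file order: keep this one above any other regex location (for
        # example a PHP handler) that could match.
        #
        # Caveats:
        #  - allow/deny test the connecting address. Behind a load balancer or
        #    reverse proxy inside one of these ranges every client looks
        #    internal unless the real address is restored (set_real_ip_from /
        #    real_ip_header from ngx_http_realip_module).
        #  - Only the request path is matched here. Drupal receives its path
        #    in the q argument (see the rewrite to /$1/index.php?q=...), so
        #    requests addressed to index.php directly are not covered by this
        #    block and need their own restriction.
        location ~* ^/some_subdir/user {
                 allow 127.0.0.1;
                 allow 10.0.0.0/8;
                 allow 172.16.0.0/12;
                 allow 192.168.0.0/16;
                 deny all;
                 # Allowed clients continue exactly like "location /".
                 try_files $uri @rewrite;
        }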