Location /register not working in NGINX

Hi :slight_smile:
Im trying to play a little bit with NGINX to allow only to one specific IP be able to access the register feature like this:

location /register {
allow XXX.XXX.XXX.XXX;
deny all;
}

But its not working:

  1. Any other IP that is not allowed gets a 403 Forbidden error -> this is expected
  2. The allowed IP gets a 404 Not Found error -> this is not expected
    Logs shows this:
    /etc/nginx/html/register" failed (2: No such file or directory)

Any ideas about why this is happening?

Thanks a lot in advance.

Hey @Xperez!

Your NGINX rule captures the incoming traffic to the /register location, but it doesn’t redirect it anywhere. To be able to access the /register page, you should add something like try_files $uri @proxy_to_lms_app; at the end to have your request passed forward.

While this is going to work, you can consider additional layer of blocking the registration page, because this one can be bypassed like this:

  1. Enter /login page.
  2. Click “Create an Account.”.

If you want to disable this, you can set ALLOW_PUBLIC_ACCOUNT_CREATION feature to false to disable the mentioned link and Register button, so you will be able to access the /register page only via its URL.

1 Like