Hello, [...]
> ``` > The goal is to bypass SSO if a correct HTTP Basic Auth header is present > while making sure connections are only from said IPs. > > When I disable the IP check it works flawlessly. How could I separate these > requirements? > > So (SSO or Basic Auth) and Correct IP Just use the geo module and "if" to reject unwanted IPs. "If" is evaluated prior to access & post_access phases, where auth_basic and co are evaluated. geo $allowed_ip { xxx.xxx.xxx.xxx/24 1; default 0; } ... location / { if ($allowed_ip = 0) { return 403; } ....rest of config without allow/deny. } _______________________________________________ nginx mailing list nginx@nginx.org https://mailman.nginx.org/mailman/listinfo/nginx