On Tue, Feb 26, 2013 at 10:45 AM, Brian May <brian@microcomaustralia.com.au> wrote:

On 26 February 2013 10:22, Brett Pemberton <brett.pemberton@gmail.com> wrote:

server {
listen [::]:80;

Depending on how IPV6_V6ONLY is set (default is /proc/sys/net/ipv6/bindv6only and can be changed per application), the above might only be listening for IPv6 connections.

To try and eliminate ipv6 as an issue, I created test2.whatevz.net which is just an A record.

The nginx server block is identical.

Same issue.

I'm sure it's hitting that block, because if I issue a 'return 403' after the 'deny all', then as expected you now get a 403.

It just doesn't deny without the return afterwards, which breaks other deny sections where I can't do that.

/ Brett