block access by ip

[elclay7]

I'm trying to block access by ip but this doesn't work, this is my configuration:
vhost.d/site.com.conf

`
server {
listen 80;
server_name site.com;

location / {
    allow 1.1.0.0/16;
    allow 2.2.0.0/14;
    allow 3.3.0.0/24;
    deny all;
    auth_basic "STOP";
    auth_basic_user_file /etc/nginx/htpasswd/site.com;
    try_files $uri $uri/ =404;
}

}
`

Request a username and password: works
Only allow access to described ips: doesn't work

Maybe I'm doing something wrong or the configuration is being overwritten, can someone guide me please.

[SchoNie]

You want to have basic auth + allow list? Both conditions needs to be true?

I think you need to look in the satisfy directive.
satisfy all; so both the allow + auth_basic condition needs to be true. Which is default.
satisfy any; if at least one condition needs to be true.

[elclay7]

Thanks for your answer, it guides me a lot.
Yes, I need both conditions to be met, the way to achieve it was the following
The /etc/nginx/vhost.d/site.com file should only have this:

     allow 1.1.0.0/16;
     allow 2.2.0.0/14;
     allow 3.3.0.0/24;
     deny all;

And to request a password, just create it with htpasswd -c /etc/nginx/htpasswd/site.com, it is not necessary to add conf lines in the previous conf file (vhost.d/site.com), it is important that the names of the configuration files are named like the site (site.com) and not end in .conf
With this the configuration will be added to the main file that is regenerated every time nginx is restarted /etc/nginx/conf.d/default.conf and both conditions are applied, restriction by ip and then username and password