How to setup diffferent location properties on nginx server block configuration files?

I'm very new to configuring a server. I followed a tutorial which indicates denying all requests not targeted to root, which makes perfect sense:

server {
        listen 80;
        listen [::]:80;

        root /var/www/yourdomain.com/html;
        index index.html index.htm index.nginx-debian.html;

        server_name yourdomain.com www.nelsonserpa.com;

        location / {
                try_files $uri $uri/ =404;
        }
}

However, I need o install certbot's tls/ssl to enable https. And certbot is failing because file location is not accessible. I needs to access mydomain.com/.well-known/acme-challenge/<credential>

It seems I need to set location to:

        location ~ /.well-known/ {  
          allow all;
        }

How do I keep refusing connections elsewhere but this specific folder?

THis is the solution for the infamous certbot 404 issue

server {

        root /var/www/yoursite.com/html;
        index index.html index.htm index.nginx-debian.html;

        server_name yoursite.com www.yoursite.com;

        location / {
                try_files $uri $uri/ =404;
        }

        location /.well-known/acme-challenge {
          default_type text/plain;
          root /etc/letsencrypt/webroot;
        }