Add an Nginx proxy configuration that allows only internal IP access to the implementation methods

location / {
index index.jsp;
proxy_next_upstream http_500 http_502 http_503 http_504 error timeout invalid_header;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
deny 192.168.1.1;
allow 127.0.0.0/24;
allow 123.56.0.0/16;
allow 172.16.0.0/16;
allow 10.170.0.0/16;
deny all;
}

Above is my location configuration list

Matters needing attention:

1. deny 1 must be added with an ip, otherwise it will jump to 403 and not be executed. If the default page of 403 is under the same domain name, it will cause an endless cycle of access.

2. ip segment of allow

Rank from small to large from the bits that are allowed to be accessed, such as: 127.0.0.0/24

The following is: 10.170.0.0/16

24 represents the subnet mask :255.255.255.0

16 represents the subnet mask :255.255.0.0

8 represents the subnet mask :255.0.0.0

3. deny all; At the end

All except allow above are prohibited

The above is the introduction of all knowledge content, thank you for your study and the site's support.