Nginx restricts IP from accessing certain pages
- 2021-08-12 03:57:00
- OfStack
1. To prevent all IP from accessing a1. htm a2. htm a3. htm, these three pages can be written as follows in location
location ~* /(a1.htm|a2.htm|a3.htm)$ {
deny all;
condition ...... ;
}
2. Only the specified ip is allowed to access the three pages of a1. htm a2. htm a3. htm, and the access of other IP is denied
location ~* /(a1.htm|a2.htm|a3.htm)$ {
allow 10.0.0.2;
deny all;
condition ...... ;
}
Only hosts with ip address 10.0. 0.2 can play these three pages with this setting, and all other ip are rejected.
Other cases can be analogized.
For example, I need to specify that only 8.8. 8.8 ip can access the info. php page. Then you can add the following configuration in nginx-server
If the info. php page is accessed other than 8.8. 8.8, 403 is returned
The jump address needs to be added after it, proxy_pass http://192.168.1.110: 10480; Otherwise, a 404 error will occur.
location ~/info.php$ {
if ($remote_addr != '8.8.8.8' ) {
return 403;
}
proxy_pass http://192.168.1.110:10480;
}
}
You can also add in the server code
location ~/info.php$ {
allow 8.8.8.8;
deny all;
condition ...... ;
}
1-like effect
How do you configure to disable ip or ip segments?
The following description assumes that the directory of nginx is in the/usr/local/nginx/
First, create a configuration file blockips. conf for ip, then vi blockips. conf edit this file and enter the ip to be sealed in the file.
deny 1.2.3.4;
deny 91.212.45.0/24;
deny 91.212.65.0/24;
Then save this file and open the nginx. conf file and add the following 1 line configuration in the http configuration section:
include blockips.conf;
Save the nginx. conf file, and then test whether the current nginx configuration file is legal:
/usr/local/nginx/sbin/nginx -t
If there is no problem with the configuration, it will output:
the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
configuration file /usr/local/nginx/conf/nginx.conf test is successful
If there is a problem with the configuration, you need to check where there is a syntax problem. If there is no problem, you need to execute the following command to let nginx reload the configuration file.
/usr/local/nginx/sbin/nginx -s reload
Only certain ip are allowed to access the page, or certain ip are prohibited from accessing the page
server_name es.mila66.com;
location / {
include /etx/nginx/all/ip.conf;
deny all;
The file format inside ip. conf:
allow 192.168.1.11;
allow 192.168.1.12;
In this way, only some ip are allowed to access the page.
If some IP access is prohibited, you only need to modify it as follows: change allow to deny.
server_name es.mila66.com;
location / {
include /etx/nginx/all/ip.conf;
allow all;
File format in ip. conf:
deny 192.168.1.11;
deny 192.168.1.12;
nginx -s reload
Restart the server