随笔-2005  评论-116  文章-4 

nginx限制请求之四:目录进行IP限制

相关文章:

高可用服务设计之二:Rate limiting 限流与降级

nginx限制请求之一:(ngx_http_limit_conn_module)模块

nginx限制请求之二:(ngx_http_limit_req_module)模块

nginx限制请求之三:Nginx+Lua+Redis 对请求进行限制

nginx限制请求之四:目录进行IP限制

 

一个不错的nginx中针对目录进行IP限制 ,这里我以phpmyadmin目录只能让内网IP访问,而外网不能访问的配置方法,有需要的同学可参考。

server {

  listen       80;

  server_name example.com;

  access_log logs/access.log main;

  location / {

      root   html;

      index index.php index.html index.htm;

  }

location ~ ^/phpmyadmin/ {

      allow 192.168.1.0/24;

      deny all;

      location ~ .*.(php|php5)?$ {

          root /var/mailapp/nginx/html;

          fastcgi_pass   127.0.0.1:9000;

          fastcgi_index index.php;

          include        fastcgi_params;

      }

  }

location ~ .*.(php|php5)?$ {

      root /opt/nginx/html;

      fastcgi_pass   127.0.0.1:9000;

      fastcgi_index index.php;

      include        fastcgi_params;

   }

}

nginx phpmyadmin 针对内网ip用户开放、外网ip用户关闭(在前面的配置中,location ~ ^/目录/使用正则, 优先级高于location /的配置,所以nginx无法对首页进行解析)

我们也可以这样配置

 

server {
        listen       80;
        server_name example.com;
        access_log logs/access.log main;
        location / {
        root   html;
        index index.php index.html index.htm;
        }
              location ~ ^/download/ {
                                allow 192.168.1.0/24;
                                deny all;
                                index index.php index.do index.html index.htm;
                                location ~ .*.(php|php5)?$ {
                                        root /var/mailapp/nginx/html;
                                        fastcgi_pass   127.0.0.1:9000;
                                        fastcgi_index index.php;
                                        include        fastcgi_params;
                                }
                        }
 
 
location ~ .*.(php|php5)?$ {
                      root /opt/nginx/html;
                      astcgi_pass   127.0.0.1:9000;
                      fastcgi_index index.php;
                      include        fastcgi_params;
                      } 

限制指定的连接只允许 某个指定的IP 能行访问

posted on 2015-10-28 23:52 duanxz 阅读(...) 评论(...) 编辑 收藏