What is nginx access restriction configuration
nginx access restriction can be based on two aspects, one is IP-based access control, and the other is user-based trust login control
Below we will introduce these two methods one by one
Introduction to IP-based access control:
Can be configured through IP-based access control achieves the effect of allowing certain IPs to be accessible and restricting which IPs cannot be accessed
This is the configuration method to allow access
Configuration syntax: allow address | cidr | unix | all;
Default configuration: no configuration
Configuration path: under http, server, location, limit_except;
This is a configuration that does not allow access
Method configuration syntax: deny address | cidr | unix | all;
Default configuration: no configuration
Configuration path: under http, server, location, limit_except;
Testing based on IP access restrictions
1. Check the local IP address. If it is a public network, go to the ip138 network to check. If it is a test, use cmd Check.
2. Add an admin.html file in the /opt/app/code/ directory, which is a normal admin page with a background color
3. In /etc/nginx/ In the conf.d/ directory, modify the default.conf file and add the following content
As can be seen from the above figure, a location has been added to match admin.html and set in it After configuring based on IP restrictions, 192.xx.xx.xx will be restricted and not allowed to be accessed, while others can be accessed.
4. Reload nginx
5. Enter the URL in the browser and view the log
6. From the above picture, it can be seen that the access to a certain IP has been restricted. If only a certain IP is allowed to access, you only need to change the keyword.
Example:
1. Server-wide ip limit
#vi nginx.conf allow 10.115.0.116; #允许的ip deny all;
2. Site limit ip
#vi vhosts.conf
站点全局限ip:
location / {
index index.html index.htm index.php;
allow 10.115.0.116;
deny all;Site directory restrictions
location ^~ /test/ {
allow 10.115.0.116;
deny all;Access control based on login user trust
For example, we When accessing apache information, a user password box prompt pops up to perform a pre-access verification.
Configuration syntax: auth_basic string | off;
Default configuration: auth_basic off;
Configuration path: http, server, location, limit_except;
Match configuration syntax: auth_basic_user_file filepath;
Match default configuration: No configuration
Match configuration path: http, server, location, limit_except;
1. You need to add an identity file, auth_conf file, here use an htpasswd tool
Use the command htpasswd -c ./auth_conf root;
Explain: htpasswd command -c: The default is Use md5 encryption, ./auth_conf is the specified path and file, root is the user name
After entering, the password will be entered twice
2. Modify default .conf configuration file, modify the content as follows
3. Reload nginx
4. Enter the URL and check the results. You can see that you need to enter identity information to access
The above is the detailed content of How to configure Nginx access restrictions. For more information, please follow other related articles on the PHP Chinese website!
How to start nginxApr 14, 2025 pm 01:06 PMQuestion: How to start Nginx? Answer: Install Nginx Startup Nginx Verification Nginx Is Nginx Started Explore other startup options Automatically start Nginx
How to check whether nginx is startedApr 14, 2025 pm 01:03 PMHow to confirm whether Nginx is started: 1. Use the command line: systemctl status nginx (Linux/Unix), netstat -ano | findstr 80 (Windows); 2. Check whether port 80 is open; 3. Check the Nginx startup message in the system log; 4. Use third-party tools, such as Nagios, Zabbix, and Icinga.
How to close nginxApr 14, 2025 pm 01:00 PMTo shut down the Nginx service, follow these steps: Determine the installation type: Red Hat/CentOS (systemctl status nginx) or Debian/Ubuntu (service nginx status) Stop the service: Red Hat/CentOS (systemctl stop nginx) or Debian/Ubuntu (service nginx stop) Disable automatic startup (optional): Red Hat/CentOS (systemctl disabled nginx) or Debian/Ubuntu (syst
How to configure nginx in WindowsApr 14, 2025 pm 12:57 PMHow to configure Nginx in Windows? Install Nginx and create a virtual host configuration. Modify the main configuration file and include the virtual host configuration. Start or reload Nginx. Test the configuration and view the website. Selectively enable SSL and configure SSL certificates. Selectively set the firewall to allow port 80 and 443 traffic.
How to solve nginx403 errorApr 14, 2025 pm 12:54 PMThe server does not have permission to access the requested resource, resulting in a nginx 403 error. Solutions include: Check file permissions. Check the .htaccess configuration. Check nginx configuration. Configure SELinux permissions. Check the firewall rules. Troubleshoot other causes such as browser problems, server failures, or other possible errors.
How to start nginx in LinuxApr 14, 2025 pm 12:51 PMSteps to start Nginx in Linux: Check whether Nginx is installed. Use systemctl start nginx to start the Nginx service. Use systemctl enable nginx to enable automatic startup of Nginx at system startup. Use systemctl status nginx to verify that the startup is successful. Visit http://localhost in a web browser to view the default welcome page.
How to check whether nginx is started?Apr 14, 2025 pm 12:48 PMIn Linux, use the following command to check whether Nginx is started: systemctl status nginx judges based on the command output: If "Active: active (running)" is displayed, Nginx is started. If "Active: inactive (dead)" is displayed, Nginx is stopped.
How to solve nginx304 errorApr 14, 2025 pm 12:45 PMAnswer to the question: 304 Not Modified error indicates that the browser has cached the latest resource version of the client request. Solution: 1. Clear the browser cache; 2. Disable the browser cache; 3. Configure Nginx to allow client cache; 4. Check file permissions; 5. Check file hash; 6. Disable CDN or reverse proxy cache; 7. Restart Nginx.
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Safe Exam Browser
Safe Exam Browser is a secure browser environment for taking online exams securely. This software turns any computer into a secure workstation. It controls access to any utility and prevents students from using unauthorized resources.
MantisBT
Mantis is an easy-to-deploy web-based defect tracking tool designed to aid in product defect tracking. It requires PHP, MySQL and a web server. Check out our demo and hosting services.
SecLists
SecLists is the ultimate security tester's companion. It is a collection of various types of lists that are frequently used during security assessments, all in one place. SecLists helps make security testing more efficient and productive by conveniently providing all the lists a security tester might need. List types include usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and more. The tester can simply pull this repository onto a new test machine and he will have access to every type of list he needs.
ZendStudio 13.5.1 Mac
Powerful PHP integrated development environment
