Nginx access control configuration to restrict access to specified users

Nginx access control configuration, restricting access to specified users

In the web server, access control is an important security measure used to limit the access rights of specific users or IP addresses. As a high-performance web server, Nginx also provides powerful access control functions. This article will introduce how to use Nginx configuration to limit the access permissions of specified users, and provide code examples for reference.

First, we need to prepare a basic Nginx configuration file. Assume that we already have a website and the configuration file path is /etc/nginx/nginx.conf. In this configuration file, we will add the following access control configuration:

http {
  # 其他配置内容...
  
  # 定义一个验证文件，包含允许访问的用户名及密码
  auth_basic_user_file /etc/nginx/conf.d/.htpasswd;
  
  # 定义一个location块，对指定URL路径进行访问控制
  location /private {
    # 开启基于HTTP基本认证的访问控制
    auth_basic "Restricted";
    
    # 指定只对特定用户名进行访问控制
    auth_basic_user_file /etc/nginx/conf.d/.htpasswd;
    
    # 其他配置内容...
  }
}

In the above configuration, we used the auth_basic_user_file directive to define an authentication file that contains the users allowed access name and corresponding password. The path of this verification file is /etc/nginx/conf.d/.htpasswd, we can change it according to actual needs.

Next, we use the location block to perform access control on the specified URL path. In the example, we use /private as the path with restricted access. You can adjust it according to the actual situation. In the location block, we use the auth_basic directive to enable access control based on HTTP basic authentication.

In order to restrict access to only specific users, we use the auth_basic_user_file directive again and specify the path to the verification file. This way, only usernames present in the verification file can access restricted URL paths.

Next, we need to prepare the verification file .htpasswd. This file can be generated using the htpasswd command, which is a tool provided by Apache HTTP Server. Execute the following command in the terminal to generate the verification file:

htpasswd -c /etc/nginx/conf.d/.htpasswd user1

The above command will generate a .htpasswd file under the specified path and set the password for user user1. In order to add more users, you can remove the -c option, as shown below:

htpasswd /etc/nginx/conf.d/.htpasswd user2

After this, you can continue to set passwords for more users as needed.

Finally, we need to restart the Nginx server to make the configuration take effect. Execute the following command in the terminal:

sudo service nginx restart

Now, only users present in the verification file can access the restricted URL path. Other users will not be able to pass authorization, thus increasing the security of the website.

Summary:

This article introduces how to use Nginx configuration to limit the access permissions of specified users. First, we defined the path to the verification file in the Nginx configuration file and enabled access control based on HTTP basic authentication. Then, the URL path to which access is restricted is specified through the location block, and the path to the verification file is specified again to restrict access to only specific users. Finally, we used the htpasswd command to generate the verification file and restarted the Nginx server to make the configuration take effect.

I hope this article will help you understand Nginx access control configuration and learn to restrict the access permissions of specified users. If you have other questions, you can refer to Nginx official documentation or conduct further consultation and research.

The above is the detailed content of Nginx access control configuration to restrict access to specified users. For more information, please follow other related articles on the PHP Chinese website!