# 允许哪些 ip(address)、网段(CIDR)、socket方式(unix:)、所有(all) 可以访问
Syntax: allow address|CIDR|unix:|all;
Default:
Context:http,server,location,limit_except
# 不允许....
Syntax: deny address|CIDR|unix:|all;
Default:
Context:http,server,location,limit_except
#限制我的ip不可访问,其他所有的都可以访问
#被限制的ip会显示 403 Forbidden
location ! ^/admin.html {
root /usr/share/nginx/html;
deny 140.207.236.xxx;
allow all;
}
#只允许以下网段访问,其他一概不允许访问
location ! ^/admin.html {
root /usr/share/nginx/html;
allow 182.168.173.0/24;
deny all;
}
http_x_forwarded_for = ClientIP,Proxy1_IP,Proxy2_IP ...
# x_forwarded_for不仅包含ClientIP,还包含中间的代理ip
# 开启认证,string代表开启,off代表关闭,string可以是任意值,一般是提示语
Syntax: auth_basic string|off;
Default: auth_basic off;
Context: http, server, location, limit_except
# 使用文件认证用户名密码
Syntax: auth_basic_user-file file;
Default:
Context: http, server, location, limit_except
# 生成密码文件
# htpasswd -c /etc/nginx/auth_conf 用户名
# 期间需要手动输入面膜
htpasswd -c /etc/nginx/auth_conf admin
New password:
Re-type new password:
Adding password for user admin
# 查看文件
[root@localhost html]# cat /etc/nginx/auth_conf
admin:$apr1$Kjg/tGgG$US4oklegzqMq7QITWoaj/0
# 配置nginx配置
location ~ ^/admin.html {
root /usr/share/nginx/html;
auth_basic "Please input your password!";
auth_basic_user_file /etc/nginx/auth_conf;
}