nginx访问控制
命令
allow:设定允许哪台或哪些主机访问,多个参数间用空格隔开
allow:
语法: allow address | CIDR | unix: | all;
默认值: —
配置段: http, server, location, limit_except
deny解释:禁止某个IP或者IP网段访问
deny:
语法: deny address | CIDR | unix: | all;
默认值: —
配置段: http, server, location, limit_except
示例:
…………
location / {
…………
allow 192.168.174.173; //仅允许192.168.174.173主机访问
deny all; //拒绝所有主机访问"/"
}
…………
[root@nginx ~]# systemctl restart nginx.service
[root@nginx ~]# curl 127.0.0.1 //本机已经访问不了
<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
<hr><center>nginx/1.22.0</center>
</body>
</html>
[root@173 ~]# curl 192.168.174.168 //192.168.174.173主机可以访问
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<