nginx如果多层代理,需要建立客户端IP地址白名单.通过http_x_forwarded_for获取IP.
变量放在 location 下面
location / {
set $allowip '';
if ($http_x_forwarded_for ~* "ip1"){set $allowip 6;}
if ($http_x_forwarded_for ~* "ip2"){set $allowip 6;}
if ( "$allowip" != 6 ) {
return 403;
}
}
实现ip1或者ip2可以访问,否则返回403.