模块
http_access_module
IP|网段|socket|允许所有
Syntax: allow address | CIDR |UNIX: |all;
Default: –
Context:http,server,location,limit_except
IP|网段|socket|不 允许所有
Syntax: deny address | CIDR |UNIX: |all;
Default: –
Context:http,server,location,limit_except
局限性
1、采用别的HTTP头信息控制访问,如 HTTP_X_FORWORD_FOR
2、结合GEO模块
3、通过HTTP自定义变量传递
http_auth_basic_module
Syntax:auth_basic string |off;
Default: auth_basic off;
Context:http,server,location,limit_expect
Syntax:auth_basic_user_file fie;
Default:-
Context:http,server,location,limit_expect
更好的方式
1、Nginx+LUA实现高效验证
2、Nginx和LDAP