一、基于用户的访问控制
1. 安装htpasswd
yum -y install httpd-tools
2. 生成密码文件
账号:admin
密码:123123
htpasswd -c -b /usr/local/nginx/passwd.db admin 123123
3. 查看账号密码是否生成
cat /usr/local/nginx/passwd.db
admin:$apr1$FbEOrCmi$dfoiIQSpgye.iMB6YXiFF0
4. 更改passwd.db文件的权限
chmod 400 /usr/local/nginx/passwd.db
chown nginx:nginx /usr/local/nginx/passwd.db
5. 编辑nginx配置文件
在localtion段中添加
auth_basic "secret" ;
auth_basic_user_file /usr/local/nginx/passwd.db ;
vim /usr/local/nginx/conf/nginx.conf
server {
listen 192.168.245.66:1234;
server_name 192.168.245.66;
charset utf-8;
access_log /usr/local/nginx/logs/nginxyuming.log ;
location / {
root /nginx/ ;
index nginxyuming.html ;
auth_basic "secret" ;
auth_basic_user_file /usr/local/nginx/passwd.db ;
}
二、 基于IP的访问控制
deny ip/ip段
allow ip/ip段
规则匹配从上往下,如匹配,则停止
vim /usr/local/nginx/conf/nginx.conf
server {
listen 192.168.245.66:1234;
server_name 192.168.245.66;
charset utf-8;
access_log /usr/local/nginx/logs/nginxyuming.log ;
location / {
root /nginx/ ;
index nginxyuming.html ;
auth_basic "secret" ;
auth_basic_user_file /usr/local/nginx/passwd.db ;
deny 192.168.223.0/24
allow 192.168.245.0/24
deny all
}