In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-04-03 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >
Share
Shulou(Shulou.com)06/01 Report--
Today, I will talk to you about how to configure access restrictions in Nginx. Many people may not know much about it. In order to make you understand better, the editor has summarized the following for you. I hope you can get something from this article.
Introduction to IP-based access control:
By configuring ip-based access control, some ip can be accessed and which ip can not be accessed.
This is the configuration method that allows access
Configuration syntax: allow address | CIDR | unix | all
Default configuration: no configuration
Configuration path: http, server, location, limit_except
This is a configuration that does not allow access
Method configuration syntax: deny address | CIDR | unix | all
Default configuration: no configuration
Configuration path: http, server, location, limit_except
Testing based on IP access restrictions
1. Check the local ip address. If it is a public network, check it on ip138. If it is an experiment, use cmd to check.
two。 Add an admin.html file to the / opt/app/code/ directory, which is a normal admin page with a background color
3. In the / etc/nginx/conf.d/ directory, modify the default.conf file by adding the following
As you can see from the figure above, a location is added to match admin.html, and a configuration based on ip restrictions is set to restrict 192.xx.xx.xx from access, and others can be accessed.
4. Reload nginx
5. Enter the URL in the browser to view the log
6. From the figure above, it has been implemented to restrict the access of a certain ip. If only a certain ip is allowed, you only need to change the keyword.
Example:
1. Server global IP limit
# vi nginx.conf allow 10.115.0.116; # allowed IP deny all
Site-limited IP
# vi vhosts.conf site global limit IP:location / {index index.html index.htm index.php; allow 10.115.0.116; deny all
Site directory restrictions
Location ^ ~ / test/ {allow 10.115.0.116; deny all
Access control based on login user trust
For example, when we access apache information, a user password box pops up to perform a pre-access authentication.
Configuration syntax: auth_basic string | off
Default configuration: auth_basic off
Configuration path: http, server, location, limit_except
Match configuration syntax: auth_basic_user_file filePath
Match default configuration: no configuration
Match configuration paths: http, server, location, limit_except
1. You need to add an identity file, the auth_conf file, which uses a htpasswd tool
Use the command htpasswd-c. / auth_conf root
Explain: htpasswd command-c: the default is to use md5 encryption,. / auth_conf is the specified path and file, and root is the user name.
After entering, the password will be entered twice.
two。 Modify the default.conf configuration file as follows
3. Reload nginx
4. Enter the URL, view the results, and you can see that you need to enter identity information before you can access
After reading the above, do you have any further understanding of how to configure access restrictions in Nginx? If you want to know more knowledge or related content, please follow the industry information channel, thank you for your support.
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.