Posted
Filed under nginx
[참고]http://nginx.org/en/docs/http/ngx_http_access_module.html

특정 아이피를 지정 하여 허용하려면
allow 192.168.1.20
allow 192.168.1.0/24;
allow 10.1.1.0/16;
allow 2001:0db8::/32;
등등 다음과 같이 허용할 아이피 또는 아이피 대역대를 설정 하고
deny  all;
를 설정하면 ... 허용된 아이피를 제외한 모든 아이피가 차단된다.

[Example]
location / {
    deny  192.168.1.1;
    allow 192.168.1.0/24;
    allow 10.1.1.0/16;
    allow 2001:0db8::/32;
    deny  all;
}

The rules are checked in sequence until the first match is found. In this example, access is allowed only for IPv4 networks 10.1.1.0/16 and 192.168.1.0/24 excluding the address 192.168.1.1, and for IPv6 network 2001:0db8::/32. In case of a lot of rules, the use of the ngx_http_geo_module module variables is preferable.

Directives

Syntax: allow address | CIDR | unix: | all;
Default:
Context: http, server, location, limit_except

Allows access for the specified network or address. If the special value unix: is specified (1.5.1), allows access for all UNIX-domain sockets.

Syntax: deny address | CIDR | unix: | all;
Default:
Context: http, server, location, limit_except

Denies access for the specified network or address. If the special value unix: is specified (1.5.1), denies access for all UNIX-domain sockets.

2018/01/03 10:21 2018/01/03 10:21