|
在nginx中实现禁止访问的例子,主要是介绍server配置段的相关内容
nginx配置要求:
nginx.conf配置如下:
复制代码代码示例:
#www.it.net.cn
(责任编辑:IT)server { listen 80; server_name search.ext.it.net.cn keyword.it.net.cn; index index.jsp; root /opt/search2.5; location /nginx_status { stub_status on; access_log off; } #特殊的规则放在最前面,只暴露这一个接口 location = /search { proxy_next_upstream error timeout http_500 http_503; proxy_pass http://resin3.0; keepalive_timeout 30; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; client_max_body_size 15m; client_body_buffer_size 128k; proxy_connect_timeout 130; proxy_send_timeout 30; proxy_read_timeout 30; proxy_buffer_size 4k; proxy_buffers 4 32k; proxy_busy_buffers_size 64k; proxy_temp_file_write_size 64k; index index.jsp; expires 1h; allow all; } #通用规则 location ~* \.(jsp|do|html|gif|jpg|js|css|png)$ { proxy_next_upstream error timeout http_500 http_503; proxy_pass http://resin3.0; keepalive_timeout 30; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; client_max_body_size 15m; client_body_buffer_size 128k; proxy_connect_timeout 130; proxy_send_timeout 30; proxy_read_timeout 30; proxy_buffer_size 4k; proxy_buffers 4 32k; proxy_busy_buffers_size 64k; proxy_temp_file_write_size 64k; index index.jsp; expires 1h; #禁止外网访问 allow 192.168.1.1/250; allow 127.0.0.1/250; #deny all; } location / { #禁止外网访问 allow 192.168.1.1/250; allow 127.0.0.1/250; deny all; root /opt/search2.5; index index.jsp; expires 60; keepalive_timeout 60; } #对不以“/”结尾的目录,默认转发到带“/”的url if (-d $request_filename){ rewrite ^/(.*)([^/])$ http://$host/$1$2/ permanent; } access_log logs/search.log main; error_log logs/search_error.log; error_page 403 /index.jsp; error_page 404 /index.jsp; } |