Last active
February 8, 2018 07:20
-
-
Save StevenJL/84c0b0d10e5813f649b693102d5e1aaa to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| server { | |
| # Deny all ip addresses from range 192.168.1.0 - 192.168.1.255 | |
| # since the /24 means the first 24 bits of the ip address (ie. 192.168.1) | |
| # is the network number, so deny all ips that belong to that network number. | |
| deny 192.168.1.0/24; | |
| allow all; | |
| location /admin { | |
| # Allow only ip addresses from the range 10.132.3.0 - 10.132.3.255 | |
| allow 10.132.3.0/24; | |
| # Allow only ip addresses from the range 10.144.25.0 - 10.144.25.255 | |
| allow 10.144.25.0/24; | |
| deny all; | |
| } | |
| location /everyone_but_bob { | |
| # Sometime we want a whole range except for one ip | |
| deny 10.169.42.66; | |
| allow 10.169.42.0/24; | |
| deny all; | |
| } | |
| location /behind_basic_auth { | |
| # Put this section behind a basic authentication | |
| auth_basic "Need Password and Login"; | |
| # The file will contain the following format: | |
| # username1:encrypted_password1 | |
| # username2:encrypted_password2 | |
| # username3:encrypted_password3 | |
| auth_basic_user_file /etc/nginx/auth.d/auth.pwd; | |
| } | |
| } | |
| # vi: ft=nginx |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment