本文章主要介绍了nginx配置白名单,具有不错的的参考价值,希望对您有所帮助,如解说有误或未考虑完全的地方,请您留言指出,谢谢!
配置如下:
http模块:
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
geo $remote_addr $geo {
default 0; #0表示禁止访问
127.0.0.1 1; #1表示可以访问
}
include /usr/local/nginx/conf.d/*.conf;
}
server模块:
server {
listen 80;
server_name jenkins.aa.bb;
location / {
# 如果不是白名单则 显示403 禁止访问
if ( $geo = 0 ) {
return 403;
}
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# Fix the "It appears that your reverse proxy set up is broken" error.
#proxy_pass http://127.0.0.1:9792;
proxy_pass http://127.0.0.1:59932;
proxy_read_timeout 90;
#proxy_redirect http://127.0.0.1:9792 https://jenkins.qinhej.top;
#Required for new HTTP-based CLI
proxy_http_version 1.1;
proxy_request_buffering off;
}
}
原创文章,作者:6024010,如若转载,请注明出处:https://blog.ytso.com/228331.html