How to block access to files/folders by ip address?

A

Anatoly2021-09-12 20:25:01

Nginx

Anatoly, 2021-09-12 20:25:01

How to deny access to files:
/admin.php and /admin2.php
as well as to the contents of folders:
/admin/, /data/ and /uploads/

for all ip-addresses except for local network 192.168.1.0/24 and external ip 11.22 .33.44

------------------ I
thought to solve it like this, but it doesn't work:

geo $remote_addr $allowed_trafic {
                default false;
                192.168.1.0/24 true;
                11.22.33.44 true;
}
server {
   if ($request_uri ~* "(/admin/|/(admin|admin2).php|/data/|/uploads/)" && $allowed_trafic = "false") {
        return 444;
   }

}

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

D

dodo512, 2021-09-12
@Tolly

geo $remote_addr $allowed_trafic {
                default false;
                192.168.1.0/24 true;
                11.22.33.44 true;
}

map "$allowed_trafic$request_uri" $var {
default 0;
~^false/(admin|admin2)\.php     1;
~^false/(admin|data|uploads)/   1;
}

server {
    if ($var) {
        return 444;
    }