How to disable IP access in NGINX + PHP-Fpm?

A

argenit2016-01-13 17:05:43

linux

argenit, 2016-01-13 17:05:43

Hello. There is a site that runs on a bundle of Nginx + php-fpm on the Ajenti control panel on Wordpress

. Here I need to block access by IP to everyone except my IP address.
I added like this

location ~ / {      
#allow   мой ИП; 
deny all;
}

But then the php site does not load, but downloads the php index file.

Tell me how to set it up correctly ..

Here is the config
/etc/nginx/conf.d/my-site.conf

# This order might seem weird - this is attempted to match last if rules below fail.
location / {
  try_files $uri $uri/ /index.php?$args;
}

# Add trailing slash to */wp-admin requests.
rewrite /wp-admin$ $scheme://$host$uri/ permanent;

# Directives to send expires headers and turn off 404 error logging.
location ~* ^.+\.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
       access_log off; log_not_found off; expires max;
}

location = /favicon.ico {
  log_not_found off;
  access_log off;
}
location = /robots.txt {
  allow all;
  log_not_found off;
  access_log off;
}
# Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
# Keep logging the requests to parse later (or to pass to firewall utilities such as fail2ban)
location ~ /\. {
  deny all;
}
# Deny access to any files with a .php extension in the uploads directory
# Works in sub-directory installs and also in multisite network
# Keep logging the requests to parse later (or to pass to firewall utilities such as fail2ban)
location ~* /(?:uploads|files)/.*\.php$ {
  deny all;
}
#

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

A

Antony Ryabov, 2016-01-14
@argenit

Correct like this:

satisfy any;
allow 127.0.0.1; #здесь вместо 127.0.0.1 ваш IP адрес или подсеть
deny all;

And not in the location, but higher, at the level with root, server_name is there.