How to make authorization via ssl for certain IPs in nginx?

E

emashev2019-03-06 16:10:05

Nginx

emashev, 2019-03-06 16:10:05

Greetings, there is a balancer on nginx and an internal dns zone for the domain.
Let 's say https://app.example.com is proxied to the application on 10.10.101.14:8081
Access to the application from outside via IP is blocked on the load balancer.

location / {
                allow 10.10.101.0/24;
                deny all;
                .......

Now a situation has arisen that you need to open access to everyone at an external address and do either basic or authorization by certificates only for external users, while leaving everything as it is for internal users - without authorization.
Is it possible somehow in nginx to make a condition for location to allow access to it by IP, and if the IP is not in the list - request authorization?

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

D

dodo512, 2019-03-06
@emashev

map $remote_addr $my {
    default  "closed site";
    ~^10\.10\.101\.    off;
}

server {
    auth_basic           $my;
    auth_basic_user_file путь/на_сервере_к/.htpasswd;