How to write a rule in nginx for certain URLs to start at a certain ip address, and if the ip address is different, then request authorization by login password?

4

4upik2019-04-08 11:26:18

Nginx

4upik, 2019-04-08 11:26:18

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

P

Pavel Mezhuev, 2019-04-08
@mezhuev

IP address restrictions: nginx.org/ru/docs/http/ngx_http_access_module.html Login
and password authentication: nginx.org/ru/docs/http/ngx_http_auth_basic_module.html
Or using an additional request (for example, to the backend): nginx.org/ru/docs/http/ngx_http_auth_request_modul...
For all this to work as you need, just add to the appropriate context:

Example

server {
    location / {
        proxy_pass http://backend;
    }

    location /private {
        allow 192.168.0.0/24;
        deny all

        auth_basic "Private zone";
        auth_basic_user_file htpasswd;

        satisfy any;

        proxy_pass http://backend/private;
    }
}

4

4upik, 2019-04-16
@4upik

location / {
index index.php;
satisfy any;
allow 10.0.0.0/8;
auth_basic "example.com intra";
auth_basic_user_file /etc/nginx/htpasswd/example.com.htpasswd;
}