ShinChven's Blog

Setup An IP Whitelist With Nginx

Fri Mar 10 2017

Basic Configuration

Define a common IP whitelist conf to be included

Edit /etc/nginx/conf.d/shared/ipwhitelist.conf

deny;       # deny the actual IP address
allow;        # allow the actual IP address to access such as for localhost
allow;   # allow IP addresses in range
deny all;               # deny the rest of the world

Include the IP whitelist to your app's conf

Edit /etc/nginx/conf.d/your.conf

   include /etc/nginx/conf.d/shared/ipwhitelist.conf

How to define IP in range

RFC1918 name IP address range Number of addresses Largest CIDR block (subnet mask) Host ID size Mask bits Classful description
24-bit block – 16777216 ( 24 bits 8 bits single class A network
20-bit block – 1048576 ( 20 bits 12 bits 16 contiguous class B networks
16-bit block – 65536 ( 16 bits 16 bits 256 contiguous class C networks

See Wikipedia: https://en.wikipedia.org/wiki/Private_network#Private_IPv4_addresses