SHINCHVEN'S HEXO

Setup An IP Whitelist With Nginx

Nginx IP whitelist
Count: 231Reading time: 1 min
2017/03/10 Share

Basic Configuration

Define a common IP whitelist conf to be included

/etc/nginx/conf.d/shared/ipwhitelist.conf
1
2
3
4
5
6
deny 192.168.1.1;       # deny the actual IP address
allow 127.0.0.1;        # allow the actual IP address to access such as 127.0.0.1 for localhost
allow 192.168.0.0/16;   # allow IP addresses in range
allow 172.16.0.0/16;
allow 10.10.0.0/16;
deny all;               # deny the rest of the world

Include the IP whitelist to your app’s conf

/etc/nginx/conf.d/your.conf
1
2
3
server{
   include /etc/nginx/conf.d/shared/ipwhitelist.conf
}

How to define IP in range

RFC1918 name IP address range Number of addresses Largest CIDR block (subnet mask) Host ID size Mask bits Classful description
24-bit block 10.0.0.0 – 10.255.255.255 16777216 10.0.0.0/8 (255.0.0.0) 24 bits 8 bits single class A network
20-bit block 172.16.0.0 – 172.31.255.255 1048576 172.16.0.0/12 (255.240.0.0) 20 bits 12 bits 16 contiguous class B networks
16-bit block 192.168.0.0 – 192.168.255.255 65536 192.168.0.0/16 (255.255.0.0) 16 bits 16 bits 256 contiguous class C networks

See Wikipedia: https://en.wikipedia.org/wiki/Private_network#Private_IPv4_addresses

author: SHINCHVEN

permalink: https://atlassc.net/2017/03/10/ip-whitelist-with-nginx/

date: Fri Mar 10 2017 20:59:12 GMT+0800 (China Standard Time)

updated: Tue Mar 10 2020 21:26:31 GMT+0800 (China Standard Time)

license: Attribution-NonCommercial 4.0 International (CC BY-NC 4.0) - 知识共享署名-非商业性使用 4.0 国际许可协议

CATALOG
  1. 1. Basic Configuration
    1. 1.1. Define a common IP whitelist conf to be included
    2. 1.2. Include the IP whitelist to your app’s conf
  2. 2. How to define IP in range
Total : 33
2020
2019
2018
2017
2013
2010
2007
2000
AirPods Pro Apple accessory Aliyun Maven mirror Ant Design Pro i18n download pending problem Android Ant Design Checkbox getFieldDecorator Form GitLab docker docker-compose GitLab-runner Nginx Certbot SSL Bandwagonhost VPS Screenshot macOS Windows gitlab-runner gitlab pipeline JWT JSONWebToken 微信小程序 Base64 GHOST IN THE SHELL RSS Google reader IP whitelist react diff defaultChecked Ant design generate artifact Evernote 印象笔记国际版 OneNote GFW NAS PowerDVD Blu-ray RecyclerView OracleCloud puppeteer commandline terminal DevOps Android Storage Access Framework FeathersJS FeathersJS client HTTP RESTful CRUD Chinese Translation Community User guide