Deny ips, and pick ips from a file

Hi all,

I need to deny users by ip. I assume we need to do something like this

location / {

block one workstation


allow anyone in


drop rest of the world

deny all;


But how can I pass on the list of ips from a file? A file which will get
udated from time to time.

Can I pass the ips something like this

deny /tmp/iplist.txt;

Will Nginx refresh the ip list in memory if the file gets changed?


On 11.10.2012 09:50, Quintin P. wrote:

Can I pass the ips something like this

deny /tmp/iplist.txt;

If list of IP to block is really big, then better to use geo module
allow/deny: Module ngx_http_geo_module

geo $denyed_host {
default 1;
include /tmp/iplist.txt;

if ($denyed_host) {
return 403;

iplist.txt should contain lines like: 0; 1;

After update of /tmp/iplist.txt you should reconfigure nginx (e. g. run
nginx -s

Anton Y.

Posted at Nginx Forum:

Thanks Antonio. This bonus is so good.

On 11 Out 2012 12h55 CEST, [email protected] wrote:

Also a shameless plug - I leave the server handling to be done à la
carte :slight_smile:

This creates a file to be used by the geo directive.

— appa

Posted at Nginx Forum: