Restrict by IP for some users

I’d like to restrict access to a server block to authenticated users.
Some of the users should be able to access it from any IP and some of
the users should be blocked unless they are coming from a particular
IP. How is this done in nginx?

  • Grant

On Wed, Feb 05, 2014 at 02:49:46PM -0800, Grant wrote:

Hi there,

I’d like to restrict access to a server block to authenticated users.
Some of the users should be able to access it from any IP and some of
the users should be blocked unless they are coming from a particular
IP. How is this done in nginx?

Perhaps something along these lines?

User “a” must come from an address listed in “geo $goodip”.
Other users may come from anywhere.

===
map $remote_user $userip {
default 1;
a $goodip;
}

geo $goodip {
default 0;
127.0.0.0/24 1;
}

server {
auth_basic “This Site”;
auth_basic_user_file htpasswd;
if ($userip = 0) {
return 403;
}
}

f

Francis D. [email protected]

===
server {
auth_basic “This Site”;
auth_basic_user_file htpasswd;
if ($userip = 0) {
return 403;
}
}

Interesting solution. I never would have thought of that. I was
using an alias to do this in apache. Are there performance
implications of adding the geo and map modules to nginx and running
that code?

  • Grant

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs