[资料]Nginx做IP访问限制以及正则规则
server { listen 443; root /webroot/; server_name serverName; access_log /data/log/nginx/access_web_domain.log main buffer=32k flush=5s; charset utf-8; client_max_body_size 200m; ssl on; ssl_certificate /etc/ssl/server.cer; ssl_certificate_key /etc/ssl/server.key; ssl_client_certificate /etc/ssl/dvroot.cer; ssl_session_timeout 5m; ssl_protocols SSLv2 TLSv1 TLSv1.1 TLSv1.2; #ssl_protocols SSLv2 SSLv3; ssl_ciphers ALL:!ADH:!EXPORT:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP; ssl_prefer_server_ciphers on; #location / { # root /webroot/; # index index.html index.htm index.php; #} error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } # 正则例处处理 location /(group1|group2)/api { allow all; } # url rewrite location / { index index.php; if (!-e $request_filename) { rewrite ^/(.*)$ /index.php/$1 last; break; } allow XXX.XXX.XXX.XXX; #某某公司IP deny all; } # 图片,FLASH cache time location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ { expires 30d; } # js,css cache time location ~ .*\.(js|css)?$ { expires 6h; } location ~ .*\.(php)?$ { fastcgi_pass 127.0.0.1:9000; fastcgi_index ThinkPHP.index; include fcgi.conf; } location ~ .+\.php($|/){ set $script $uri; set $path_info "/"; if ($uri ~ "^(.+\.php)(/.+)") { set $script $1; set $path_info $2; } fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php?IF_REWRITE=1; include fcgi.conf; fastcgi_param HTTPS on; fastcgi_param PATH_INFO $path_info; fastcgi_param SCRIPT_FILENAME $document_root/$script; fastcgi_param SCRIPT_NAME $script; } } server { listen 80; server_name manage.vxinyou.com; access_log /data/log/nginx/access_domain.log main buffer=32k flush=5s; rewrite ^/(.*) https://$server_name/$1 permanent; #跳转到Https }
申明
非源创博文中的内容均收集自网上,若有侵权之处,请及时联络,我会在第一时间内删除.再次说声抱歉!!!
博文欢迎转载,但请给出原文连接。
