how to restrict access by IP address in NGINX1 min read

Prabhin Prabharkaran
Prabhin Prabharkaran Administrator
DevOps Engineer

He is a Technical professional. He is a person who loves to share tricks and tips on the Internet. He Posts what he does!

web
https://www.techrunnr.com
email
prabhin@techrunnr.com
call
8129739773
follow me

Hi All, In this document, we deal with how to restrict access by IP address in NGINX.
Nginx is one of the powerful webservers with high performance. Nginx can be used as a load balancer, reverse proxy, caching, etc.

Nginx comprises a lot of modules that help perform all these actions. Here we are explaining how we can restrict access to web server based on IP.
To allow and deny access, use allow, and deny derivatives inside the server block.

server {
	listen 80;

}

 

Server {
	allow 192.168.10.2;
	deny all;
}

In the above example nginx accept the connection only from 192.168.10.2, rest all connection will be denied.


Server {

	deny 192.168.10.2;
	allow all;
}

In the above example nginx deny the connection only from 192.168.10.2, rest all connection will be allowed.

Allow and deny derivatives can be used inside location blocks also.

server {
	listen 80;

			location /admin {
			deny 192.168.10.1/24
			allow 10.0.0.0/16;
			deny all;
			proxy_pass http://admin;
			}
}

In the above example nginx deny the connection only from 192.168.10.1/24 subnet, allowed only from 10.0.0.0/16 subnet and rest will be denied.

© 2020, Techrunnr. All rights reserved.

#1
#2
#3
Questions Answered
Articles Written
Overall Points

Related posts

2 Thoughts to “how to restrict access by IP address in NGINX”

  1. Bernhard Michel
    May 7, 2021 at 12:37 pm

    the keyword ´Server´ is recognized in lower case only ie. ´server´

    Reply
    1. Prabhin Prabharkaran
      May 8, 2021 at 2:04 pm

      thanks for the update.

      Reply

Leave a Reply