Nginx 访问控制 (转)
http://hi.baidu.com/%D0%A1%D0%A1%D4%CB%CE%AC/blog/item/f5f9c8d205607a349b502719.html
1.Nginx身份证验证
#cd /usr/local/nginx/conf #mkdir htpasswd /usr/local/apache2/bin/htpasswd -c /usr/local/nginx/conf/htpasswd/tongji linuxtone #添加用户名为linuxtone New password: (此处输入你的密码) Re-type new password: (再次输入你的密码) Adding password for user http://count.linuxtone.org/tongji/data/index.html(目录存在/data/www/wwwroot/tongji/data/目录下) 将下段配置放到虚拟主机目录,当访问http://count.linuxtone/tongji/即提示要密验证: location ~ ^/(tongji)/ { root /data/www/wwwroot/count; auth_basic "LT-COUNT-TongJi"; auth_basic_user_file /usr/local/nginx/conf/htpasswd/tongji; }
2.Nginx禁止访问某类型的文件.
如,Nginx下禁止访问*.txt文件,配置方法如下.
方法1:
location ~* .(txt|doc)$ { if (-f $request_filename) { root /data/www/wwwroot/linuxtone/test; #rewrite …..可以重定向到某个URL break; } }
方法2:
location ~* .(txt|doc)${ root /data/www/wwwroot/linuxtone/test; deny all; }
实例:
禁止访问某个目录
location ~ ^/(WEB-INF)/ { deny all; }
3.使用ngx_http_access_module限制ip访问
location / { deny 192.168.1.1; allow 192.168.1.0/24; allow 10.1.1.0/16; deny all; }
详细参见wiki:http://wiki.codemongers.com/NginxHttpAccessModule#allow
4.Nginx下载限制并发和速率
limit_zone linuxtone $binary_remote_addr 10m; server { listen 80; server_name down.linuxotne.org; index index.html index.htm index.php; root /data/www/wwwroot/down; #Zone limit location / { limit_conn linuxtone 1; limit_rate 20k; } .......... }
只允许客房端一个线程,每个线程20k.
【注】limit_zonelinuxtone$binary_remote_addr10m;这个可以定义在主的
5.Nginx实现Apache一样目录列表
location / { autoindex on; }
6.上文件大小限制
主配置文件里加入如下,具体大小根据你自己的业务做调整。
client_max_body_size 10m;
相关推荐
nginxs 2020-11-14
Guanjs0 2020-11-13
小木兮子 2020-11-11
yserver 2020-11-11
ssihc0 2020-11-11
windle 2020-11-10
HanksWang 2020-11-10
liuchen0 2020-11-10
Freshairx 2020-11-10
ccschan 2020-11-10
liwf 2020-11-10
Guanjs0 2020-11-09
AderStep 2020-11-09
zrtlin 2020-11-09
mqfcu 2020-11-10
windle 2020-10-29