问题
I have a single physical server running several server blocks in nginx corresponding to different subdomains. One of them I'd like to be only accessible from devices on the same local network as the server. I know theoretically this can be done with
allow 192.168.1.0/24;
deny all;
within a location block. When I actually try to access the server from a local device, though, the request is denied. Looking at the access logs, this is because the request is shown as coming from my network's external IP rather than the device's internal IP. How can I fix this?
回答1:
Your issue is likely that you are using external DNS which routes your request to your public IP and then back to your website. Setup internal DNS and point the site resolution to the internal IP directly.
Then as you stated, you can do the following:
cat << 'EOF' >/etc/nginx/private.conf
allow 192.168.1.0/24;
deny all;
EOF
site.conf:
include /etc/nginx/private.conf;
来源:https://stackoverflow.com/questions/51801772/allowing-only-local-network-access-in-nginx