1. 使用正則匹配內網字段,示例中匹配合法ip,取非後爲正則返回403;
location / {
if ($remote_addr !~* "^(192\\.168|172\\.(1[6-9]|2\\d|3[0,1]))(\\.(2[0-4]\\d|25[0-5]|[0,1]?\\d?\\d)){2}$|^10(\\.([2][0-4]\\d|25[0-5]|[0,1]?\\d?\\d)){3}$") {
return 403;
}
proxy_pass http://myapp1;
}
2. 修改nginx conf配置文件,指向403,重寫nginx 403指向文件;
error_page 403 /reject.html;
location = /reject.html {
root html;
}
3. 在nginx的html文件夾下,新建reject.html文件