There are several ways to disable a specific IP in Nginx:
1. Use denyinstructions: In the Nginx configuration file, you can use denyinstructions to prohibit access from specific IPs. For example, to deny access to the IP address 192.168.1.100, you can add the following to the configuration file:
location / {
deny 192.168.1.100;
...
}In this way, when a request comes from the IP address 192.168.1.100, Nginx will return a 403 Forbidden error.
2. Combination of usage allowand denyinstructions: IP access can be restricted through a combination of usage allowand instructions. denyFor example, to allow access from the IP address 192.168.1.0/24 but deny access from the IP address 192.168.1.100, you can add the following to the configuration file:
location / {
allow 192.168.1.0/24;
deny 192.168.1.100;
...
}In this way, except for requests with IP address 192.168.1.100, other IP addresses will be allowed to access.
3. Use limit_connthe and limit_reqdirectives of the HTTP module: In addition to using denythe and allowdirectives to prohibit access from specific IPs, you can also use the limit_connand limit_reqdirectives of the HTTP module to limit the number of connections and request frequency of specific IPs. These directives can be set in blocks in Nginx's configuration file http. For example, to limit the number of connections to 1 for the IP address 192.168.1.100 and limit its request frequency to 10 requests/second, you can add the following to the configuration file:
http {
...
limit_conn_zone $binary_remote_addr zone=conn_limit_per_ip:10m;
limit_conn conn_limit_per_ip 1;
limit_req_zone $binary_remote_addr zone=req_limit_per_ip:10m rate=10r/s;
limit_req zone=req_limit_per_ip burst=20;
...
}In this way, when the number of connections of the client with IP address 192.168.1.100 exceeds 1 or the request frequency exceeds 10 requests/second, Nginx will restrict its access. Through the above methods, you can effectively disable access to specific IPs in Nginx.