[Reprint] nginx ban ip access and simple way to ban post method

Others 2019-08-29 05:38:54 views: null

nginx prohibit access to the site of IP setting method

http://www.512873.com/archives/471.html

http://www.512873.com/archives/312.html

 

conf directory, create blocksip.conf

Write deny 1.1.1.1 in blocksip.conf inside; the phrase is meant to disable this IP (entire segment is: deny 1.1.1.0/24;)

Inside nginx.conf added: include blocksip.conf;

Nginx to restart it.

 

 

Nginx server rejects the request post

Publish: May 27, 2015 Category: 文档 No Comments

upstream tomcat {
ip_hash;
server 192.168.2.187:8080;
}
 
location ~*  /html  {
if  ($request_method = PUT ) {
return  403;
}
 
if  ($request_method = DELETE ) {
return  403;
}
 
if  ($request_method = POST ) {
return  403;
}
 
proxy_method GET;
proxy_pass http: //tomcat ;
}


When the path contains / html, the proxy server to backend data request. Here shielding PUT, DELETE, POST, but using the GET, the main purpose of security, since DELETE, POST, PUT data can be modified.

 

or:

limit_except GET {
allow 192.168.1.1;
deny all;
 
if  ($request_filename ~  /test/index .html) {
# return 404;
rewrite ^/(.*)  /index .html;
}
 
     };

Forbidden nginx txt | doc file
Method a: global settings to disable access to any suffix txt | doc file
LOCATION * ~ \ (txt | doc) {$.
the deny All;
}

Method two: prohibited access only at certain txt directory | DOC
LOCATION ~ * \ (txt | DOC) $ {.
IF (-f $ request_filename) {

root html/job;
break;
}
}

nginx is prohibited in a browser to access: # type of browser can be learned from the log.
Server
{
the listen 80;
server_name test.domain.com;
index the index.php index.html;
the root / opt / Nginx / HTML /;
IF (* ~ $ HTTP_USER_AGENT "MSIE 6.0") {
return 403;
}

Set execute permissions
in windows + iis, you can set upload directory, similar to: upload, uploadfile, attachments, no such directory script execute permissions to prevent unauthorized users upload script to get webshell

the nginx is also very simple, we use the location as follows:
location ~ ^ / Upload /.* \ (PHP | PHP5) $.
{
the deny All;
}

Which replaced upload directory name you want to set
this rule is the meaning of matching requests at the beginning of the connection is / upload /, the middle match any character, the end of the match or .php5 .php pages. Finally, deny all access is prohibited, so prevents script execution permissions to upload directory

Guess you like

Origin www.cnblogs.com/jinanxiaolaohu/p/11417728.html
Recommended
Ranking
[Algorithm] greedy _ program scheduling issues
Spring 控制反转(IOC)
Data structure-6.6 figure
Indicates that the class or member method has abstract properties
Huawei v5 server installed Linux operating system
Postgresql source code analysis - creating ordinary tables
Chapter 10 Evaluation Classification Results
Cloud service Ubuntu 20.04 version uses Nginx to deploy static web pages
Java Exercise 17.1
Solve the problem that git cannot automatically push submission in IDEA Push failed: Failed with error: Could not read from remote repository.
Daily
More
2024-05-09(32)
2024-05-08(18)
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)
2024-05-04(18)
2024-05-03(8)
2024-05-02(0)
2024-05-01(4)
2024-04-30(36)

Code World

© 2018 codetd.com