Configure the environment: Centos 7.6 + Tengine 2.3.2
1. Nginx HTTP block is configured, this configuration list block only, and without limitation treaty, as opposed
{/usr/local/nginx/GeoIP/GeoLite2-Country.mmdb geoip2 $ geoip2_data_country_code Country iso_code; } # allow local access network GEO {$ the allow-IP default NO; 192.168.10.0/24 } # Region Configuration Access map $ geoip2_data_country_code allowed_country {$ default NO; the CN Yes; }
The main block 2. server configured to enable the limits of the defined genus, configured as follows;
the configuration on the front LOCATION, which may be arranged in localtion, tested as custom exception page return 403 404, to be placed inside a custom page localtion to become effective;
Custom # 403404 Back to error_page 403,404 /403.html; LOCATION = {/403.html the root / var / WWW /; } LOCATION / { # local subnet whitelist IF ($ the allow-IP = Yes) { SET yes allowed_country $; } # whitelist country IF ($ allowed_country = NO) { return 403; } proxy_pass HTTP: // huangting_web; the include conf.d / proxy.conf; }
3. Note: Enable individual resides when configuring SSL, configuration files and nginx.conf include the use of external calls, when all configurations in nginx -t ssl on abnormal test prompted, restart using the normal test