Configure the environment: Centos 7.6 + Tengine 2.3.2
1. Nginx HTTP block is configured, this configuration list block only, and without limitation treaty, as opposed
{/usr/local/nginx/GeoIP/GeoLite2-Country.mmdb geoip2
$ geoip2_data_country_code Country iso_code;
}
# allow local access network
GEO {$ the allow-IP
default NO;
192.168.10.0/24
}
# Region Configuration Access
map $ geoip2_data_country_code allowed_country {$
default NO;
the CN Yes;
}
The main block 2. server configured to enable the limits of the defined genus, configured as follows;
the configuration on the front LOCATION, which may be arranged in localtion, tested as custom exception page return 403 404, to be placed inside a custom page localtion to become effective;
Custom # 403404 Back to
error_page 403,404 /403.html;
LOCATION = {/403.html
the root / var / WWW /;
}
LOCATION / {
# local subnet whitelist
IF ($ the allow-IP = Yes) {
SET yes allowed_country $;
}
# whitelist country
IF ($ allowed_country = NO) {
return 403;
}
proxy_pass HTTP: // huangting_web;
the include conf.d / proxy.conf;
}
3. Note: Enable individual resides when configuring SSL, configuration files and nginx.conf include the use of external calls, when all configurations in nginx -t ssl on abnormal test prompted, restart using the normal test