All files from this thread

File Name File Size   Posted by Date  
ngxinx.conf 4.9 KB open | download sandeep dubey 01/25/2023 Read message
Previous Message Next Message
Forum List Message List New Topic Print View
sandeep dubey
January 24, 2023 12:38AM
Thanks Ian for the reply.
I did it because the container was failing to start with the error below,
will restrict that too. -

> [error] 7#7: *1 connect() failed (111: Connection refused) while
> connecting to upstream, client: 10.10.0.38, server: _, request: "GET
> /api/saml-links HTTP/1.1", upstream: "http://127.0.0.1:8000/api/saml-links",
> host: "10.18.9.132:80"
>

On Mon, Jan 23, 2023 at 5:27 PM Ian Hobson <hobson42@gmail.com> wrote:

> Hi Sandeep,
>
> I rather suspect that your top two CIDR allow lines are allowing too
> many people in.
>
> Remove them, and check that only the last two lines are
> allowed in.
>
> Then create the two top addresses very carefully, and test.
>
> 1.2.3.4/8 allows all C level addresses of the format 1.*.*.* in. I think
> you need 1.2.3.4/24 which allows all of the format
> 1.2.3.*
>
> Hope this helps.
>
> Ian
>
> On 23/01/2023 16:34, sandeep dubey wrote:
> > Hello,
> >
> > I am trying to restrict some Location block in my Nginx configuration to
> > specific IPs. Below are the changes I made -
> >
> > Version: nginx:1.21.0
> >
> > location / {
> > proxy_pass http://127.0.0.1:8080 <http://127.0.0.1:8080
> >;
> > }
> >
> > location = /auth {
> > proxy_pass http://127.0.0.1:8080 <http://127.0.0.1:8080
> >;
> > allow 1.2.3.4/8 http://1.2.3.4/8;
> > allow 5.6.7.8/16 http://5.6.7.8/16;
> > allow my.vpn.ip.here;
> > allow my.public.ip.here;
> > deny all;
> > error_page 403 /usr/share/nginx/html/403.html;
> > auth_basic "Administrator’s area";
> > auth_basic_user_file /etc/nginx/.htpasswd;
> > }
> >
> > Here, the deny rule is not working. Users are still able to access the
> > page publicly. Am I missing something?
> >
> > --
> > Regards,
> > Sandeep
> >
> > _______________________________________________
> > nginx mailing list
> > nginx@nginx.org
> > https://mailman.nginx.org/mailman/listinfo/nginx
>
> --
> Ian Hobson
> Tel (+66) 626 544 695
> _______________________________________________
> nginx mailing list
> nginx@nginx.org
> https://mailman.nginx.org/mailman/listinfo/nginx
>


--
Regards,
Sandeep
_______________________________________________
nginx mailing list
nginx@nginx.org
https://mailman.nginx.org/mailman/listinfo/nginx
Reply Quote
RSS
Subject Author Posted

Allow/Deny rules in Location block

sandeep dubey January 23, 2023 04:36AM

Re: Allow/Deny rules in Location block

Ian Hobson January 23, 2023 06:58AM

RE: Allow/Deny rules in Location block

Reinis Rozitis January 23, 2023 07:40AM

Re: Allow/Deny rules in Location block

sandeep dubey January 24, 2023 12:42AM

RE: Allow/Deny rules in Location block

Reinis Rozitis January 24, 2023 11:58AM

Re: Allow/Deny rules in Location block

nanaya January 25, 2023 12:30AM

Re: Allow/Deny rules in Location block

sandeep dubey January 25, 2023 12:56AM

Re: Allow/Deny rules in Location block Attachments

sandeep dubey January 25, 2023 12:56AM

RE: Allow/Deny rules in Location block

Reinis Rozitis January 25, 2023 08:30AM

Re: Allow/Deny rules in Location block

sandeep dubey January 27, 2023 09:02AM

Re: Allow/Deny rules in Location block

sandeep dubey January 24, 2023 12:38AM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 171
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready