How to set whitelist in Nginx through geo module

Original configuration:

http {
......

limit_conn_zone $binary_remote_addr zone=one:10m;
limit_req_zone $binary_remote_addr zone=fifa:10m rate=5r/s;

......
server {
......
limit_conn one 5;
limit_req zone=fifa burst=100;
......
}}

Whitelist configuration:

http {
......

geo $whiteiplist {
 default 1;
 127.0.0.1 0;
 10.10.0.0/24 0;
}
map $whiteiplist $limit {
 1 $binary_remote_addr;
 0 "";
}
limit_conn_zone $limit zone=one:10m;
limit_req_zone $limit zone=fifa:10m rate=5r/s;

......
server {
......
limit_conn one 5;
limit_req zone=fifa burst=100;
......
}}

Description:

The geo directive defines a whitelist $whiteiplist, the default value is 1, all are restricted. If the client IP matches the IP listed in the whitelist, the $whiteiplist value is 0, which means it is not restricted.

The map command maps the $whiteiplist value to 1, which is the restricted IP, to the client IP. Map the $whiteiplist value of 0, which is the whitelist IP, to an empty string.

The limit_conn_zone and limit_req_zone instructions will be ignored for keys with null values, thereby achieving no limit on the listed IPs.

The above is the detailed content of How to set whitelist in Nginx through geo module. For more information, please follow other related articles on the PHP Chinese website!