热门标签
热门文章
- 1SD运行 webui-user.bat 报错Torch is not able to use GPU的报错原因及解决办法_sd torch is not able to use gpu
- 2多智能体博弈模型中的多模态情感识别与融合优化
- 32024三掌柜赠书活动第十三期:API安全技术与实战
- 4【陈老板赠书活动 - 24期】- AIGC重塑金融:AI大模型驱动的金融变革与实践
- 5NLP之中文命名实体识别(Named EntitiesRecognition--NER)
- 6运放放大倍数计算公式_运算放大器基本电路大全(转)
- 7yolov8s网络模型结构图_yolov8网络结构图
- 8python删除元素_Python集合set之删除元素操作
- 9理解赤池信息量(AIC),贝叶斯信息量(BIC)_aic模型可以筛选贝叶斯树模型吗
- 10基于Django开店商城平台系统设计与实现(Pycharm+Python+Mysql)
当前位置: article > 正文
docker下nginx自定义日志并限制ip访问_docker nginx日志限制
作者:从前慢现在也慢 | 2024-03-27 01:51:10
赞
踩
docker nginx日志限制
一.Nginx部署
docker-compose.yml
version: '2'
services:
nginx:
image: 'nginx:latest'
restart: always
container_name: nginx
ports:
- '80:80'
- '443:443'
volumes:
- '/app/nginx/conf.d:/etc/nginx/conf.d'
- '/app/nginx/logs:/etc/nginx/logs'
command: nginx -g 'daemon off;'
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
创建目录:
mkdir -p /app/nginx/logs
mkdir -p /app/nginx/conf.d
conf.d/default.conf配置文件
server { listen 80; server_name localhost; #自定义日志路径,log格式使用main(默认) access_log logs/access_service.log main; location / { proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_pass http://xxx.com; client_max_body_size 100m; } error_page 500 502 503 504 /50x.html; location = /50x.html { root /usr/share/nginx/html; } }
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
二.限制IP访问
1.查找访问者ip方法:
awk ‘{print $1}’ access_service.log |sort |uniq -c|sort -n
2.配置文件conf.d/default.conf
server { listen 80; server_name localhost; access_log logs/access_service.log main; # 将禁止ip放在server级别 deny 172.20.0.1; location / { # 将禁止ip放在location级别 # deny 172.20.0.1; allow 172.20.0.1; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_pass http://test.xylink.cn; client_max_body_size 100m; } error_page 500 502 503 504 /50x.html; location = /50x.html { root /usr/share/nginx/html; } }
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
限制ip语法:
deny和allow可以应用到http,server,location级别
//屏蔽单个ip访问 deny IP; //允许单个ip访问 allow IP; //屏蔽所有ip访问 deny all; //允许所有ip访问 allow all; //屏蔽整个段即从123.0.0.1到123.255.255.254访问的命令 deny 123.0.0.0/8 //屏蔽IP段即从123.45.0.1到123.45.255.254访问的命令 deny 124.45.0.0/16 //屏蔽IP段即从123.45.6.1到123.45.6.254访问的命令 deny 123.45.6.0/24 //如果你想实现这样的应用,除了几个IP外,其他全部拒绝, //那需要你在guolv_ip.conf中这样写 allow 1.1.1.1; allow 1.1.1.2; deny all;
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
声明:本文内容由网友自发贡献,不代表【wpsshop博客】立场,版权归原作者所有,本站不承担相应法律责任。如您发现有侵权的内容,请联系我们。转载请注明出处:https://www.wpsshop.cn/w/从前慢现在也慢/article/detail/321086
推荐阅读
相关标签
