赞
踩
http {
....
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for" "$request_time"';
#获取用户真实IP,并赋值给变量$clientRealIP
map $http_x_forwarded_for $clientRealIp {
"" $remote_addr;
~^(?P[0-9\.]+),?.*$ $firstAddr;
}
server {
.....
include limit_ip.conf;
}
}
编辑 limit_ip.conf
set $flag 0; if ($request_uri ~ ^/cms/back/login.do$){ set $flag "${flag}1"; } if ($clientRealIp !~* "192.168.0.1") { set $flag "${flag}2"; } if ($clientRealIp !~* "192.168.0.2") { set $flag "${flag}3"; } if ($clientRealIp !~* "1192.168.0.3"){ set $flag "${flag}4"; } if ($flag = "01234"){ return 403; break; } |
Copyright © 2003-2013 www.wpsshop.cn 版权所有,并保留所有权利。