1、编辑配置文件
vim /usr/local/nginx/conf/vhosts/test.conf
2、修改以下位置
location ~ .*admin\.php$ {
auth_basic "redhat auth";
auth_basic_user_file /usr/local/nginx/conf/.htpasswd;
include fastcgi_params;
fastcgi_pass unix:/tmp/www.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /data/www$fastcgi_script_name;
}
为
location ~ .*admin\.php$ {
allow 127.0.0.1;
deny all;
include fastcgi_params;
fastcgi_pass unix:/tmp/www.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /data/www$fastcgi_script_name;
3、重新加载
/usr/local/nginx/sbin/nginx -s reload
4、使用curl访问
curl -x127.0.0.1:80 www.test.com/admin.php -I
HTTP/1.1 200 OK
Server: nginx/1.6.3
Date: Mon, 30 May 2016 09:35:50 GMT
Content-Type: text/html; charset=gbk
Connection: keep-alive
X-Powered-By: PHP/5.4.36
Set-Cookie: H7RV_2132_saltkey=zw67rRx6; expires=Wed, 29-Jun-2016 09:35:50 GMT; path=/; httponly
Set-Cookie: H7RV_2132_lastvisit=1464597350; expires=Wed, 29-Jun-2016 09:35:50 GMT; path=/
Set-Cookie: H7RV_2132_sid=U05iX3; expires=Tue, 31-May-2016 09:35:50 GMT; path=/
Set-Cookie: H7RV_2132_lastact=1464600950%09admin.php%09; expires=Tue, 31-May-2016 09:35:50 GMT; path=/
(127.0.0.1可以访问)
curl -x10.10.13.247:80 www.test.com/admin.php -I
HTTP/1.1 403 Forbidden
Server: nginx/1.6.3
Date: Mon, 30 May 2016 09:36:40 GMT
Content-Type: text/html
Content-Length: 168
Connection: keep-alive
(使用10.10.13.247禁止访问)
5、也可以使用全局配置不允许指定地址访问
直接在root /data/www;底下设定allow或deny
6、如果要限制某个ip对整个网站的访问直接在主机下面写deny即可,如下:
listen 80 ;
server_name www.test.com www.aaa.com www.bbb.com;
index index.html index.htm index.php;
root /data/www;
deny 127.0.0.1;
