nginx 不允许子网访问

tag-icon tag-icon nginx
nginx 不允许子网访问

我在 /etc/nginx/conf.d/app.conf 中有以下 conf 文件。我试图将对 /path1 和 /path2 url 的访问限制在 /16 子网范围内。当我尝试从子网中的一台机器访问时,我得到 404,只有当我注释掉/删除该块时我才能访问它,但之后它可以从任何地方访问。我做错了什么......任何指示都值得赞赏..

  server {
    sendfile on;
    keepalive_timeout 65;
    tcp_nodelay on;
    # Enable compression, this will help if you have for instance advagg module
    # by serving Gzip versions of the files.
    gzip_static on;

    access_log /var/log/nginx/app.access.log;
    error_log /var/log/nginx/app.error.log;

    listen 9000;
    server_name 0.0.0.0;       ## <-- Your domain.
    root /opt/app;  ## <-- Path to your Drupal files.

    location / {
            try_files $uri @rewrite;
    }

    location @rewrite {
             rewrite ^ /index.php;
    }

    location ~ \.php$ {
            fastcgi_split_path_info ^(.+\.php)(/.+)$;
            fastcgi_pass unix:/var/run/php-fpm-www.sock; ## <-- location of the PHP-FPM socket
            fastcgi_index index.php;
            include fastcgi_params;
            fastcgi_param SCRIPT_FILENAME $request_filename;
            fastcgi_intercept_errors on;
            fastcgi_ignore_client_abort off;
            fastcgi_connect_timeout 60;
            fastcgi_send_timeout 180;
            fastcgi_read_timeout 180;
            fastcgi_buffer_size 128k;
            fastcgi_buffers 4 256k;
            fastcgi_busy_buffers_size 256k;
            fastcgi_temp_file_write_size 256k;
    }

    location = /favicon.ico {
            log_not_found off;
            access_log off;
    }

    location = /robots.txt {
            allow all;
            log_not_found off;
            access_log off;
    }

    location ~ \..*/.*\.php$ {
            return 403;



 # as Subversion or Git to store control files.

    location ~ (^|/)\. {

            return 403;

    }

    location ~* \.(conf|config)$ {

            deny all;

    }



#  location /path1 {

     # allow 10.5.0.0/16;

     # deny all;

  #  }



    location /path2 {

      allow 10.5.0.0/16;

      deny all;

    }





#Expire rules



# Media: images, icons, video, audio

location ~* \.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm)$ {

   expires 1M;

   add_header Cache-Control "max-age=2592000 public";

}



# CSS and Javascript

location ~* \.(?:css|js)$ {

   expires 6M;

   add_header Cache-Control "max-age=15552000 public";

}



location ~* \.(?:html|htm|php|cgi|pl)$ {

    expires 2h;

    add_header Cache-Control "max-age=7200 public";

}



}



#HTTP redirect to HTTPS

server {

listen 80;

server_name 0.0.0.0;

return 301 https://$host$request_uri;

}

相关内容