ПРОЕКТЫ 


  АРХИВ 


Apache-Talk @lexa.ru 

Inet-Admins @info.east.ru 

Filmscanners @halftone.co.uk 

Security-alerts @yandex-team.ru 

nginx-ru @sysoev.ru 


  СТАТЬИ 


  ПЕРСОНАЛЬНОЕ 


  ПРОГРАММЫ 



ПИШИТЕ
ПИСЬМА












     АРХИВ :: nginx-ru
Nginx-ru mailing list archive (nginx-ru@sysoev.ru)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Хочется сделать так, чтобы сайт не был доступен по его ip


  • To: nginx-ru@xxxxxxxxx
  • Subject: Re: Хочется сделать так, чтобы сайт не был доступен по его ip
  • From: "dvital1001" <nginx-forum@xxxxxxxx>
  • Date: Sun, 21 Jul 2013 15:12:16 -0400
  • Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=helium.jlkhosting.com; s=x; h=Date:Sender:From:References:In-Reply-To:Message-ID:Content-Transfer-Encoding:Content-Type:Subject:To; bh=3TF5JiRVkb3Z1zTOs3y5sNU9kN7QU7C0Dn4rhGrRAoM=; b=rYwIjq3bwBpNRsAbOtA3/mgkYPv8jQJ5kthh8M9sZRYE3XvIv0s/+LZFbJsdZuuozaMSaa/lMl3EKsM0Z+Jr7PFu4n1QBw8opomhdvqIZtsy7e1oBDoz8dzYcXXhuoz4sTOrLAvxD8XVWko9/xfo45ZhrP//5LtjUveoeJvFnH0=;
  • In-reply-to: <CAM_jxg3KqHmCGUYP-FkLxJJdhV81tP-WkPU38kzEK=8-3MakvQ@mail.gmail.com>
  • References: <CAM_jxg3KqHmCGUYP-FkLxJJdhV81tP-WkPU38kzEK=8-3MakvQ@mail.gmail.com>

вот конфиги. Они у меня разнесены по файлам. В файле
/etc/nginx/sites-enabled/reset.conf отдельно расположены конфиг запрета
запроса сайта по ip. 
Надеюсь, это что-то даст. 

#### /etc/nginx/nginx.conf

user  www-data;
worker_processes  8;

error_log  /var/log/nginx/error.log notice;

pid        /var/run/nginx.pid;
worker_rlimit_nofile 8192;
timer_resolution 100ms;
worker_priority -5;

events {
    worker_connections  2048;
    use epoll;
}


http {
    include       mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request"
'
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;
    index              index.php index.html index.htm;

    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;
    client_max_body_size 20m;

    gzip  on;
    gzip_static      on;
    gzip_min_length  1000;
    gzip_proxied     any;
    gzip_types text/plain text/xml application/xml application/x-javascript
text/javascript text/css text/json;
    gzip_disable     "msie6";
    gzip_comp_level  8;


    include /etc/nginx/sites-enabled/*;
}


###  /etc/nginx/sites-enabled/site1.conf
  server {
        listen       192.168.10.1:80;        
        server_name example1.com;
        access_log  /home/example1.com/logs/access.log  main;

        charset windows-1251;

        root /home/example1.com/www;

        error_page  404              /index.php;

        location ~* 
\.(js|JPG|jpg|png|jpeg|gif|zip|tgz|gz|rar|doc|xls|exe|pdf|ppt|txt|wav|bmp|rtf)$
{
            expires 1y;
            open_file_cache_errors  off;
         #   error_page 404 = @fetch;
            access_log off;
        }

        # redirect server error pages to the static page /50x.html
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   /usr/local/nginx/html;
        }

        location / {
            try_files $uri $uri/ /index.php?$args;
        }

        # pass the PHP scripts to FastCGI server listening on
127.0.0.1:9000
        location ~ \.php$  {
            try_files $uri =404;

            fastcgi_split_path_info ^(.+\.php)(/.+)$;
            include fastcgi_params;
            fastcgi_index index.php;
            fastcgi_param SCRIPT_FILENAME
$document_root$fastcgi_script_name;
            # fastcgi_intercept_errors on;
            fastcgi_pass 127.0.0.1:9000;
        }
}



###  /etc/nginx/sites-enabled/site2.conf
  server {
        listen       192.169.10.2:80;
        server_name  example2.com;
        access_log  /home/example2.com/logs/access.log  main;

        charset utf8;

        root /home/example2.com/www;

        error_page  404              /index.php;

        location ~* 
\.(js|JPG|jpg|png|jpeg|gif|zip|tgz|gz|rar|doc|xls|exe|pdf|ppt|txt|wav|bmp|rtf)$
{
            expires 1y;
            open_file_cache_errors  off;
         #   error_page 404 = @fetch;
            access_log off;
        }

        # redirect server error pages to the static page /50x.html
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   /usr/local/nginx/html;
        }

        location / {
            try_files $uri $uri/ /index.php?$args;
        }

        # pass the PHP scripts to FastCGI server listening on
127.0.0.1:9000
        location ~ \.php$  {
            try_files $uri =404;

            fastcgi_split_path_info ^(.+\.php)(/.+)$;
            include fastcgi_params;
            fastcgi_index index.php;
            fastcgi_param SCRIPT_FILENAME
$document_root$fastcgi_script_name;
            # fastcgi_intercept_errors on;
            fastcgi_pass 127.0.0.1:9000;
        }


    }



###  /etc/nginx/sites-enabled/site3.conf
  server {
        listen       192.169.10.3:80;
        server_name  example3.com;
        access_log  /home/example3.com/logs/access.log  main;

        charset utf8;

        root /home/example3.com/www;

        error_page  404              /index.php;

        location ~* 
\.(js|JPG|jpg|png|jpeg|gif|zip|tgz|gz|rar|doc|xls|exe|pdf|ppt|txt|wav|bmp|rtf)$
{
            expires 1y;
            open_file_cache_errors  off;
         #   error_page 404 = @fetch;
            access_log off;
        }

        # redirect server error pages to the static page /50x.html
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   /usr/local/nginx/html;
        }

        location / {
            try_files $uri $uri/ /index.php?$args;
        }

        # pass the PHP scripts to FastCGI server listening on
127.0.0.1:9000
        location ~ \.php$  {
            try_files $uri =404;

            fastcgi_split_path_info ^(.+\.php)(/.+)$;
            include fastcgi_params;
            fastcgi_index index.php;
            fastcgi_param SCRIPT_FILENAME
$document_root$fastcgi_script_name;
            # fastcgi_intercept_errors on;
            fastcgi_pass 127.0.0.1:9000;
        }


    }


### /etc/nginx/sites-enabled/reset.conf
server {
    listen 192.168.10.1 default_server;
    server_name _;
    access_log off;
    return 444;
}

server {
    listen 192.168.10.2 default_server;
    server_name _;
    access_log off;
    return 444;
}
server {
    listen 192.168.10.3 default_server;
    server_name _;
    access_log off;
    return 444;
}

Posted at Nginx Forum: 
http://forum.nginx.org/read.php?21,241085,241105#msg-241105

_______________________________________________
nginx-ru mailing list
nginx-ru@xxxxxxxxx
http://mailman.nginx.org/mailman/listinfo/nginx-ru


 




Copyright © Lexa Software, 1996-2009.