一、指定ip段
location / { allow 172.17.0.1/24; deny all; }
二、指定认证账户
location / { auth_basic "please entry your password"; auth_basic_user_file /etc/nginx/auth/auth_file; }
指定保存用户名密码的文件,格式如下:
name1:password1
name2:password2
name3:password3
生成密码格式:
[root@test ~]# openssl passwd 12345 fIHcRVEKijgoM [root@test ~]# echo "admin:fIHcRVEKijgoM" > auth_file [root@test ~]# cat auth_file admin:fIHcRVEKijgoM
三、过频
limit_req_zone $binary_remote_addr zone=req_perip:50m rate=1r/s; server { listen 80; server_name localhost; root /tmp; location / { limit_req zone=req_perip burst=1 nodelay; limit_req_status 503; } }
四、总体
limit_req_zone $binary_remote_addr zone=req_perip:50m rate=1r/s; server { listen 80; server_name localhost; root /tmp; location / { #proxy_pass http://www.baidu.com; allow 172.17.0.1; deny all; auth_basic "please entry your password"; auth_basic_user_file /etc/nginx/auth/auth_file; limit_req zone=req_perip burst=1 nodelay; limit_req_status 503; } }