在 NGINX 中只允许本地网络访问 [英] Allowing only local network access in NGINX

问题描述

我有一个物理服务器，在对应于不同子域的 nginx 中运行多个 server 块.其中之一我希望只能从与服务器位于同一本地网络上的设备访问.我知道理论上这可以用

I have a single physical server running several server blocks in nginx corresponding to different subdomains. One of them I'd like to be only accessible from devices on the same local network as the server. I know theoretically this can be done with

allow 192.168.1.0/24;
deny all;

在 location 块内.但是，当我实际尝试从本地设备访问服务器时，请求被拒绝.查看访问日志，这是因为请求显示为来自我网络的外部 IP，而不是设备的内部 IP.我该如何解决这个问题?

within a location block. When I actually try to access the server from a local device, though, the request is denied. Looking at the access logs, this is because the request is shown as coming from my network's external IP rather than the device's internal IP. How can I fix this?

推荐答案

您的问题很可能是您正在使用外部 DNS，它将您的请求路由到您的公共 IP，然后返回到您的网站.设置内部DNS，将站点解析直接指向内部IP.

Your issue is likely that you are using external DNS which routes your request to your public IP and then back to your website. Setup internal DNS and point the site resolution to the internal IP directly.

然后如您所说，您可以执行以下操作:

Then as you stated, you can do the following:

cat << 'EOF' >/etc/nginx/private.conf
allow 192.168.1.0/24;
deny all;
EOF

site.conf:

include                 /etc/nginx/private.conf;

这篇关于在 NGINX 中只允许本地网络访问的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！