Joanne Joanne - 4 months ago 24
Apache Configuration Question

Allow multiple IP's to site, redirect all others in nginx

I searched the forums, but I couldn't find any information on it (or it's not possible).

I have an .htaccess file like this:

RewriteEngine on
RewriteCond %{REMOTE_ADDR} !^127\.0\.0\.1$
RewriteCond %{REMOTE_ADDR} !^127\.0\.0\.2$
RewriteCond %{REMOTE_ADDR} !^127\.0\.0\.3$
RewriteCond %{REMOTE_ADDR} !^127\.0\.0\.4$
RewriteCond %{REMOTE_ADDR} !^127\.0\.0\.5$
RewriteCond %{REMOTE_ADDR} !^127\.0\.1\.[0-9]{1,3}$
RewriteRule .? http://disney.com/ [L]


Which works without issues, however we have moved to nginx. Now I always thought that the .htaccess would also work in nginx. Apparently it didn't and I only discovered this yesterday after someone send me an email about the website being reachable (or better said buggy). It shouldn't be accessible at all for him!

Anyways, now I am having a hard time to get the above rules to work in nginx as well.

Thanks to some posts on stackoverflow I found this link: https://winginx.com/en/htaccess

However this doesn't work. It only creates 1 IP redirection rule...?

So, as for my question(s);


  1. Is it even possible to allow several IP's, while redirecting all others to a different domain?

  2. If this is possible, what is the correct way to do this?



Thank you in advance.

Update:
Doesn't anyone have a solution for this...?
I have been waiting patiently, however nobody replied. Is this even possible? If this isn't possible, just let me know. Thank you!

Edit:
Correct me if I misunderstood, but the above RewriteCond's should only allow the mentioned IP's to go to my website, all others are being redirected to (in this example) to Disney, right? At least this is how it works in .htaccess.

In other words. Someone with IP 127.0.0.1 visits my website, because of the rule they are allowed. And when someone with IP 127.0.5.99 visits my site he/she will be redirected to disney.com.

All the examples below are the opposite. That or I am reading (and understanding) it completely wrong obviously.

This is what I only currently have in the section "Additional nginx directives" field:

gzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript image/svg+xml application/x-font-ttf font/opentype;

location ~* \.(?:ico|css|js|gif|jpe?g|png|svg|woff)$ {
expires 30d;
add_header Pragma public;
add_header Cache-Control "public";
proxy_read_timeout 90;
fastcgi_read_timeout 90;
}


Nothing else.

By the way; this domain is running under CentOS 6.8 with Plesk 12.5. Don't know if it's important. And I am setting the "Additional nginx directives" from the Plesk CP.

Answer

You are using Plesk, I wouldn't add those in the Plesk CP under 'Additional nginx directives', but rather under: /etc/nginx/nginx.conf (in the 'http'-section).

Quick example:

if ($remote_addr !~ "^88\.33\.160\.132$"){
    set $rule_0 1$rule_0;
}

if ($remote_addr !~ "^214\.166\.12\.70$"){
    set $rule_0 2$rule_0;
}

if ($remote_addr !~ "^69\.232\.83\.[0-9]{1,3}$"){
    set $rule_0 3$rule_0;
}

if ($rule_0 = "321"){
    rewrite /.? http://disney.com/ last;
}

I tested this myself and it works without issues (IP's are random).

In general; this is also the place where you want to add gzip caching functions.

gzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript image/svg+xml application/x-font-ttf font/opentype;

location ~* \.(?:ico|css|js|gif|jpe?g|png|svg|woff)$ {
   expires 30d;
   add_header Pragma public;
   add_header Cache-Control "public";
   proxy_read_timeout 90;
   fastcgi_read_timeout 90;
}

I would strongly recommend to avoid using the Plesk system, because in my own personal experience this can and probably will cause problems.

You also might want to check out some tutorials about nginx in general. The following ones are quite useful:

You might also want to check the forum from Plesk for answers in general about these kind of issues.

I hope this helps!

Comments