NGINX封禁IP(简化版)

一、通过blockip.conf文件管理黑名单

1、在nginx的conf目录下,新建blockip.conf文件,按照以下格式写入需要封禁的IP或IP段:

deny 192.168.1.100;       # 封禁单个IP
deny 10.0.0.0/24;         # 封禁整个IP段
deny 203.0.113.0/28;      # 封禁子网段

2、在Nginx主配置文件中引入blockip.conf文件

nginx.confhttp块或具体server块中通过include引入黑名单文件:

http {
    include /usr/local/nginx/conf/blockip.conf;  # 全局生效
    
    server {
        listen 80;
        server_name example.com;
        # include /etc/nginx/blockip.conf;  # 或仅针对当前server生效
    }
}

3、验证并重启Nginx

# 验证主配置文件是否配置正确命令
/usr/local/nginx/sbin/nginx -tc /usr/local/nginx/conf/nginx.conf
# 输出结果如下出现successful 则为正确
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful

# 重启Nginx使新配置生效
/usr/local/nginx/sbin/nginx -s reload

至此Nginx简单封禁IP配置已完成!

 

posted @ 2025-12-13 12:52  阿尔法哲  阅读(4)  评论(0)    收藏  举报