 

how to "allow from hostname" in nginx config

Tags:

nginx

I'm currently doing this in my nginx.conf:

allow 1.2.3.4;
deny all;

What I'd really like to do is this:

allow my.domain.name;
deny all;

I.e., I want nginx to do an A record lookup on my.domain.name at the time of the request, and if it matches the IP that the request is coming from, then allow it. I don't see any built-in mechanism to do this however. Anybody have a native way to do this before I start coding something custom?

Alex Howansky asked Nov 22 '10 14:11




2 Answers

ngx_http_rdns_module does what you need: https://www.nginx.com/resources/wiki/modules/rdns/ (https://github.com/flant/nginx-http-rdns)

Summary

This module allows to make a reverse DNS (rDNS) lookup for incoming connection and provides simple access control of incoming hostname by allow/deny rules (similar to HttpAccessModule allow/deny directives; regular expressions are supported). Module works with the DNS server defined by the standard resolver directive.

Example

location / {
    resolver 127.0.0.1;

    rdns_deny badone\.example\.com;

    if ($http_user_agent ~* FooAgent) {
        rdns on;
    }

    if ($rdns_hostname ~* (foo\.example\.com)) {
        set $myvar foo;
    }

    #...
}

Dmitry Shurupov answered Sep 17 '22 13:09


There is no such feature in the official distribution of nginx, because it may heavily reduce performance.

Third party modules http://wiki.nginx.org/3rdPartyModules also don't contain this feature.

CyberDem0n answered Sep 20 '22 13:09
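
Stock nginx `allow` accepts only addresses and CIDR ranges, so the forward A/AAAA lookup the question describes is commonly done outside nginx: a scheduled job resolves the name and rewrites a file that the server block pulls in with `include`. The script below is an added example, not code from this thread; the include path shown in the comment, the two command-line arguments and the function names are assumptions.

```python
#!/usr/bin/env python3
"""Generate an nginx allow-list include from a hostname's A/AAAA records."""
import ipaddress
import os
import socket
import tempfile


def resolve(hostname):
    """Forward lookup: every address the name resolves to right now."""
    infos = socket.getaddrinfo(hostname, None, proto=socket.IPPROTO_TCP)
    return {info[4][0] for info in infos}


def render_allowlist(addresses):
    """Return the include body; raise ValueError on empty or non-IP input."""
    # ip_address() rejects anything that is not a bare IP literal, so a
    # value such as "192.0.2.10; allow all" can never reach the config.
    valid = sorted({str(ipaddress.ip_address(a)) for a in addresses})
    if not valid:
        # Raising leaves the previous file in place instead of writing a
        # deny-only list after a failed or empty lookup.
        raise ValueError("no addresses resolved")
    lines = ["# generated file, do not edit"]
    lines += [f"allow {addr};" for addr in valid]
    lines.append("deny all;")
    return "\n".join(lines) + "\n"


def write_if_changed(path, body):
    """Atomically replace path; return True only if the content changed."""
    try:
        with open(path) as fh:
            if fh.read() == body:
                return False
    except FileNotFoundError:
        pass
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(path) or ".")
    with os.fdopen(fd, "w") as fh:
        fh.write(body)
    os.chmod(tmp, 0o644)
    os.replace(tmp, path)  # rename is atomic: nginx never reads a partial file
    return True


if __name__ == "__main__":
    import subprocess
    import sys
    # Assumed usage: script.py my.domain.name /etc/nginx/allow_host.conf
    host, path = sys.argv[1], sys.argv[2]
    if write_if_changed(path, render_allowlist(resolve(host))):
        subprocess.run(["nginx", "-t"], check=True)  # validate before reloading
        subprocess.run(["nginx", "-s", "reload"], check=True)
```

Access tracks DNS only as often as the job runs, not at request time. Whoever can change the name's records, or spoof the answers the resolver returns, controls the allow list, so the name should live in a zone you administer.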