nginx proxy - how to allow connection from a specific ip

Question

I've installed nginx and set it up as a forward proxy (see attached nginx.conf) The server became overloaded and it seems like someone else was using it.

is there a way to limit the nginx proxy to receive request only from specific ips?

Please explain how I should change the nginx.conf to do it for ip 123.456.123.345

worker_processes  1;

events {
    worker_connections  1024;
}

http {
    include       mime.types;
    default_type  application/octet-stream;

    sendfile        on;
    keepalive_timeout  65;

    gzip  on;

    server {
        listen       8080;

        location / {
            resolver 8.8.8.8;
            proxy_pass http://$http_host$uri$is_args$args;
        }

        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
    }
}

Answer 1

Do it like this:

location / {
    allow 123.456.123.345;
    deny  all;
    resolver 8.8.8.8;
    proxy_pass http://$http_host$uri$is_args$args;
}

From the docs:

The rules are checked in sequence until the first match is found.

So if IP equals 123.456.123.345, access will be allowed, otherwise - denied.

If you want to allow multiple IPs, you can specify them before deny all;:

allow 123.456.123.345;
allow 345.123.456.123;
deny  all;

"location" directive should be inside a 'server' directive