Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Redirecting all requests that aren't from my IP with nginx

Tags:

redirect

http

nginx

I want all nginx requests that aren't made by my IP address to be redirected to /some-page. I'm currently using this nginx config:

    if ($remote_addr != 127.0.0.1) {
        rewrite ^ http://www.example.com/some-page;
    }

This works for me as I'm not redirected, but anyone else is stuck in a redirect loop since the block doesn't check if the request is for /some-page.

How can I fix this? I'm not sure how to check the request path.

like image 726
user1814016 Avatar asked Aug 01 '13 11:08

user1814016

People also ask

How do I redirect all HTTP requests to https NGINX?

Redirect HTTP to HTTPS version for Specified domain in Nginx Server_name domain-name.com www.domain-name.com – it specifies the domain names. So, replace it with your website domain name that you want to redirect. Return 301 https://domain-name.com$request_uri – it moves the traffic to the HTTPS version of the site.

What is NGINX permanent redirect?

Permanent redirects such as NGINX 301 Redirect simply makes the browser forget the old address entirely and prevents it from attempting to access that address anymore. These redirects are very useful if your content has been permanently moved to a new location, like when you change domain names or servers.

2 Answers

If this if is created inside the location / for example, create a separate location /some-page this way the if won't be executed when the URI is /some-page

EDIT: ok let me explain what i understood and you tell me if i'm right or wrong,
  1. Good IP (yours): serve page as it is
  2. Bad IP (not yours): redirect to /some-page

The problem is, when Bad IP is redirected to /some-page it still redirects to /some-page again because it's still a Bad IP, so it passes the if test

My solution: Remove the /some-page location from the / block:

location / {
    # bla bla
    if ($remote_addr != 127.0.0.1) {
        rewrite ^ http://www.example.com/some-page;
    }
    # rest of bla bla
}
location /some-page {
    try_files index.html index.php; # or whatever
}

When Bad IP is forwarded to /some-page it no longer will execute the if condition, so that will end the infinite redirection loop.

Second EDIT: You could set the permissions in nginx it self, let me demonstrate: 
location / {
    error_page 403 = @badip
    allow 127.0.0.1;
    deny all;
    #rest of bla bla
}
location @badip {
    return 301 $scheme://example.com/some-page;
}
like image 175
Mohammad AbuShady Avatar answered Oct 09 '22 23:10

Mohammad AbuShady

I ended up solving the issue by doing another if check for the request path. I knew nginx doesn't support nested if statements so I searched and found this blog post which provides a workaround -- updating a variable with each statement you want to check and then matching it in a final statement. In my case, I did this, which works:

    if ($remote_addr != 127.0.0.1) {
      set $check O;
    }
    if ($request_uri != "/some-page") {
      set $check "${check}K";
    }
    if ($check = OK) {
        rewrite ^ http://www.example.com/some-page;
    }
like image 21
user1814016 Avatar answered Oct 09 '22 22:10

user1814016
Sign in to Comment

Related questions

multipart/form-data without a boundary
What is the difference between JSONRequest and StringRequest in volley
Find out what is running on my port 80 on a Mac OSX
Collection was modified; enumeration operation may not execute randomly popping up - HTTP?
Symfony Http Client default headers not added
Restrict HTTP requests to 'POST' only in Struts 1.x
Basic Authentication with Flash
Which one is the message and which one the entity in HTTP terminology?
Silverlight HTTP POST few variables, SIMPLEST example (least code)
Post picture to Facebook using Python
Spring MVC Request body error handling
What are those URL's that are starting with // - that you can see within Google+ html source?
How to connect to HTTPS proxy?
Getting a list of files on a web server
Is basic HTTP auth in CouchDB safe enough for replication across EC2 regions?
Python Flask + nginx fcgi - output large response?
Should a POST request render HTML or redirect?
Jersey Client doesn't set Content-Length
Can i simulate heavy http load from one client machine
Can javascript delete a cookie set by http header?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!