Nginx access control configuration to restrict access to specified users

WBOY
Release: 2023-07-04 10:37:13
Original
2220 people have browsed it

Nginx access control configuration, restricting access to specified users

In the web server, access control is an important security measure used to limit the access rights of specific users or IP addresses. As a high-performance web server, Nginx also provides powerful access control functions. This article will introduce how to use Nginx configuration to limit the access permissions of specified users, and provide code examples for reference.

First, we need to prepare a basic Nginx configuration file. Assume that we already have a website and the configuration file path is/etc/nginx/nginx.conf. In this configuration file, we will add the following access control configuration:

http { # 其他配置内容... # 定义一个验证文件,包含允许访问的用户名及密码 auth_basic_user_file /etc/nginx/conf.d/.htpasswd; # 定义一个location块,对指定URL路径进行访问控制 location /private { # 开启基于HTTP基本认证的访问控制 auth_basic "Restricted"; # 指定只对特定用户名进行访问控制 auth_basic_user_file /etc/nginx/conf.d/.htpasswd; # 其他配置内容... } }
Copy after login

In the above configuration, we used theauth_basic_user_filedirective to define an authentication file that contains the users allowed access name and corresponding password. The path of this verification file is/etc/nginx/conf.d/.htpasswd, we can change it according to actual needs.

Next, we use thelocationblock to perform access control on the specified URL path. In the example, we use/privateas the path with restricted access. You can adjust it according to the actual situation. In thelocationblock, we use theauth_basicdirective to enable access control based on HTTP basic authentication.

In order to restrict access to only specific users, we use theauth_basic_user_filedirective again and specify the path to the verification file. This way, only usernames present in the verification file can access restricted URL paths.

Next, we need to prepare the verification file.htpasswd. This file can be generated using the htpasswd command, which is a tool provided byApache HTTP Server. Execute the following command in the terminal to generate the verification file:

htpasswd -c /etc/nginx/conf.d/.htpasswd user1
Copy after login

The above command will generate a.htpasswdfile under the specified path and set the password for useruser1. In order to add more users, you can remove the-coption, as shown below:

htpasswd /etc/nginx/conf.d/.htpasswd user2
Copy after login

After this, you can continue to set passwords for more users as needed.

Finally, we need to restart the Nginx server to make the configuration take effect. Execute the following command in the terminal:

sudo service nginx restart
Copy after login

Now, only users present in the verification file can access the restricted URL path. Other users will not be able to pass authorization, thus increasing the security of the website.

Summary:

This article introduces how to use Nginx configuration to limit the access permissions of specified users. First, we defined the path to the verification file in the Nginx configuration file and enabled access control based on HTTP basic authentication. Then, the URL path to which access is restricted is specified through thelocationblock, and the path to the verification file is specified again to restrict access to only specific users. Finally, we used the htpasswd command to generate the verification file and restarted the Nginx server to make the configuration take effect.

I hope this article will help you understand Nginx access control configuration and learn to restrict the access permissions of specified users. If you have other questions, you can refer to Nginx official documentation or conduct further consultation and research.

The above is the detailed content of Nginx access control configuration to restrict access to specified users. For more information, please follow other related articles on the PHP Chinese website!

source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn