Restricting directory access to ip range


#1

Hello.

I’ve got the latest version of EasyEngine installed on Ubuntu 16.04. I’m attempting to restrict access of certain directories to specified IP ranges. For example, let’s say my domain is domain.com. Then I would like to restrict access to the http://domain.com/dir1/ directory to the ip range 45.99.0.0/16 and restrict http://domain.com/dir2/ to 45.98.0.0/16, etc.

I created a file called ip-filter.conf in the /var/www/domain.com/conf/nginx directory and put in some location blocks to restrict access, but it didn’t work. Evidently these location blocks are getting overridden.

My ip-filter.conf location blocks look like this:

location /dir1 { allow 45.99.0.0/16; deny all; }

How would I accomplish what I’m trying to do? Or is what I’m trying to do not really suited for nginx and rather I should use a WAF?

Thanks for the help.


#6