Add whitelisting logic for nginx to docs
This commit is contained in:
parent
6476978a2e
commit
ed4cc86c5c
1 changed files with 16 additions and 0 deletions
|
@ -805,9 +805,25 @@ and [here](https://easyengine.io/tutorials/nginx/block-wp-login-php-bruteforce-a
|
||||||
|
|
||||||
=== "/etc/nginx/nginx.conf"
|
=== "/etc/nginx/nginx.conf"
|
||||||
```
|
```
|
||||||
|
# Rate limit all IP addresses
|
||||||
http {
|
http {
|
||||||
limit_req_zone $binary_remote_addr zone=one:10m rate=1r/s;
|
limit_req_zone $binary_remote_addr zone=one:10m rate=1r/s;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# Alternatively, whitelist certain IP addresses
|
||||||
|
http {
|
||||||
|
geo $limited {
|
||||||
|
default 1;
|
||||||
|
116.203.112.46/32 0;
|
||||||
|
132.226.42.65/32 0;
|
||||||
|
...
|
||||||
|
}
|
||||||
|
map $limited $limitkey {
|
||||||
|
1 $binary_remote_addr;
|
||||||
|
0 "";
|
||||||
|
}
|
||||||
|
limit_req_zone $limitkey zone=one:10m rate=1r/s;
|
||||||
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
=== "/etc/nginx/sites-enabled/ntfy.sh"
|
=== "/etc/nginx/sites-enabled/ntfy.sh"
|
||||||
|
|
Loading…
Reference in a new issue