How to check IP range in nginx location?

Question

I have nginx.conf and need to check the client request IP $remote_addr in IPs range or not? My IP range means 123.132.123.15 to 123.132.123.50 (15 - 50). And valid IPs need include some specific IPs. Any solution without input 36 IP addresses in the list. Thanks

Lenniey · Answer 1 · 2018-07-19T10:05:11.963

1

You can achieve that (for example) using ranges and the nginx geo module.

This is the example from the page:

Example with ranges:

geo $country {
    ranges;
    default                   ZZ;
    127.0.0.0-127.0.0.0       US;
    127.0.0.1-127.0.0.1       RU;
    127.0.0.1-127.0.0.255     US;
    10.1.0.0-10.1.255.255     RU;
    192.168.1.0-192.168.1.255 UK;
}

Alternatively you can calculate the CIDR notation of your range using any calculator (or mentally, if you're so inclined) and block them using the nginx http access module.

For your example this would look something like this:

location /whatever {
    deny  123.132.123.15/32
    deny  123.132.123.16/28
    deny  123.132.123.32/28
    deny  123.132.123.48/31
    deny  123.132.123.50/32;
    allow all;
}

edited Jul 19 '18 at 10:05

answered Jul 19 '18 at 09:57

Lenniey

5,220
2
18
29

Can you explain more about the second example? – Huy Chau Jul 19 '18 at 10:01
I calculated your given IP range using a CIDR calculator and inserted them into the deny rules. These 5 CIDR cover all 36 IPs of your range. As far as I know the http access module doesn't support the range notation. – Lenniey Jul 19 '18 at 10:04

How to check IP range in nginx location?

1 Answers1