I have my website on nginx behind AWS Load Blancer. I want to block Some IP's to access my website. I tried a lot but nginx not recognised original client IP i failed to block IP's. Please help me to achive this. My nginx vhost file is as below:
======================
fastcgi_cache_path /mnt/cache/example.com/cache levels=1:2 keys_zone=example.com:100m inactive=30m;
map $http_x_forwarded_for $block {
180.179.124.98 1;
}
server {
server_name example.com;
root /var/www/website;
index index.php;
include modsecurity.conf;
############ Skip Cache #########
set $skip_cache 0;
# POST requests and urls with a query string should always go to PHP
if ($request_method = POST) {
set $skip_cache 1;
}
if ($query_string != "") {
set $skip_cache 1;
}
# Don’t cache uris containing the following segments
if ($request_uri ~* "/wp-admin/xmlrpc.php|wp-.*.php|/feed/|index.php|sitemap(_index)?.xml") {
set $skip_cache 1;
}
# Don’t use the cache for logged in users or recent commenters
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in") {
set $skip_cache 1;
}
####################################
if ($block) { return 403; }
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass wpfpmpool;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_cache_bypass $skip_cache;
fastcgi_no_cache $skip_cache;
fastcgi_cache example.com;
fastcgi_cache_valid 30m;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires max;
log_not_found off;
}
# Logging –
access_log /var/log/nginx/example.com_custom.access.log;
access_log /var/log/nginx/example.com_custom.access.log main;
error_log /var/log/nginx/example.com_error.log;
}
======================
fastcgi_cache_path /mnt/cache/example.com/cache levels=1:2 keys_zone=example.com:100m inactive=30m;
map $http_x_forwarded_for $block {
180.179.124.98 1;
}
server {
server_name example.com;
root /var/www/website;
index index.php;
include modsecurity.conf;
############ Skip Cache #########
set $skip_cache 0;
# POST requests and urls with a query string should always go to PHP
if ($request_method = POST) {
set $skip_cache 1;
}
if ($query_string != "") {
set $skip_cache 1;
}
# Don’t cache uris containing the following segments
if ($request_uri ~* "/wp-admin/xmlrpc.php|wp-.*.php|/feed/|index.php|sitemap(_index)?.xml") {
set $skip_cache 1;
}
# Don’t use the cache for logged in users or recent commenters
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in") {
set $skip_cache 1;
}
####################################
if ($block) { return 403; }
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass wpfpmpool;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_cache_bypass $skip_cache;
fastcgi_no_cache $skip_cache;
fastcgi_cache example.com;
fastcgi_cache_valid 30m;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires max;
log_not_found off;
}
# Logging –
access_log /var/log/nginx/example.com_custom.access.log;
access_log /var/log/nginx/example.com_custom.access.log main;
error_log /var/log/nginx/example.com_error.log;
}