Allow and Deny IP's

Kaushal Shriyan kaushalshriyan at gmail.com
Tue Feb 6 14:56:04 UTC 2018 

On Tue, Feb 6, 2018 at 5:32 AM, Ph. Gras <ph.gras at worldonline.fr> wrote:

> Hello there!
>
>
> location ~* wp-login\.php$ {
>         allow 127.0.0.1;
>         allow A.B.C.D;          // My server's IP
>         allow E.F.G.H/13;               // The IP range where I am
>         deny all;
>         if ($http_user_agent = "-") { return 403;}
>         if ($http_user_agent = "") { return 403;}
>         if ($http_referer = "-") { return 403;}
>         if ($http_referer = "") { return 403;}
>         limit_conn limit 5;
> }
>
> 185.124.153.168 - - [05/Feb/2018:21:36:12 +0100] "GET /wp-login.php
> HTTP/1.1" 200 1300 "-" "Mozilla/5.0 (Windows NT 6.0; rv:34.0)
> Gecko/20100101 Firefox/34.0"
> 185.124.153.168 - - [05/Feb/2018:21:36:12 +0100] "POST /wp-login.php
> HTTP/1.1" 200 1688 "http://www.example.com/wp-login.php" "Mozilla/5.0
> (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0"
> 81.177.126.235 - - [05/Feb/2018:22:08:21 +0100] "GET /wp-login.php
> HTTP/1.1" 200 1300 "-" "Mozilla/5.0 (Windows NT 6.0; rv:34.0)
> Gecko/20100101 Firefox/34.0"
> 81.177.126.235 - - [05/Feb/2018:22:08:22 +0100] "POST /wp-login.php
> HTTP/1.1" 200 1688 "http://www.example.com/wp-login.php" "Mozilla/5.0
> (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0"
> 109.252.93.223 - - [06/Feb/2018:00:20:05 +0100] "GET /wp-login.php
> HTTP/1.1" 200 1300 "-" "Mozilla/5.0 (Windows NT 6.0; rv:34.0)
> Gecko/20100101 Firefox/34.0"
> 109.252.93.223 - - [06/Feb/2018:00:20:05 +0100] "POST /wp-login.php
> HTTP/1.1" 200 1688 "http://www.example.com/wp-login.php" "Mozilla/5.0
> (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0"
> 95.26.90.3 - - [06/Feb/2018:00:20:10 +0100] "GET /wp-login.php HTTP/1.1"
> 200 1300 "-" "Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101
> Firefox/34.0"
> 95.26.90.3 - - [06/Feb/2018:00:20:11 +0100] "POST /wp-login.php HTTP/1.1"
> 200 1688 "http://www.example.com/wp-login.php" "Mozilla/5.0 (Windows NT
> 6.0; rv:34.0) Gecko/20100101 Firefox/34.0"
>
> Me too :-(
>
> Ph. Gras
>
> > Hi,
> >
> > When i run this curl call -> curl -X GET http://13.127.165.226/ -H
> 'cache-control: no-cache' -H 'postman-token: 2494a4a7-6791-2426-cedf-d0bcaa1cd90a'
> -H 'x-forwarded-for: 12.12.12.13.11'
> >
> > Ideally the request should not be allowed and the access log should
> report 403 instead of 200
> > I get 200 OK in the access.log
> >
> >   location / {
> >         proxy_set_header X-Forwarded-For $remote_addr;
> >         allow   182.76.214.126/32;
> >         allow   116.75.80.47/32;
> >         deny all;
> >         error_page 404 /404.html;
> >             location = /40x.html {
> >         }
> >
> > Please let me know if i am missing anything.
> >
> > Best Regards,
> >
> > Kaushal
> > _______________________________________________
> > nginx mailing list
> > nginx at nginx.org
> > http://mailman.nginx.org/mailman/listinfo/nginx
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx


Hi,

Checking in if anyone can pitch in for help for my post to this mailing
list.

Thanks in Advance.

Best Regards,

Kaushal
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20180206/20de8463/attachment.html>

More information about the nginx mailing list