Monday, April 23, 2012

Lighttpd restrict or deny access by IP address

So how do you restrict or deny access by IP address using Lighttpd web server?
Lighttpd has the mod_access module. The access module is used to deny access to files with given trailing path names. You need to combine it with the remoteip conditional configuration. The syntax is as follows:
$HTTP["remoteip"] == "IP" : Match on the remote IP
$HTTP["remoteip"] !~ "IP1|IP2" : Do not match on the remote IP (Perl-style regular expression, no match)
$HTTP["remoteip"] =~ "IP1|IP2" : Match on the remote IP (Perl-style regular expression match)

Task: Match on the remote IP

For example, block access to the http://theos.in/stats/ URL unless the client IP address is 192.168.1.5 or 192.168.1.10 (restrict access to these two IPs only):
Open the /etc/lighttpd/lighttpd.conf file:
# vi /etc/lighttpd/lighttpd.conf
Append the following configuration directive:
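# Allow only 192.168.1.5 and 192.168.1.10 to reach /stats/.
# The regex match is unanchored, so anchor it with ^...$ and escape the dots;
# a bare "192.168.1.5" would also match 192.168.1.50.
$HTTP["remoteip"] !~ "^(192\.168\.1\.5|192\.168\.1\.10)$" {
    $HTTP["url"] =~ "^/stats/" {
        url.access-deny = ( "" )
    }
}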
Save and restart lighttpd:
# /etc/init.d/lighttpd restart

Task: Block single remote IP

Do not allow IP address 202.54.1.1 to access our site:
$HTTP["remoteip"] == "202.54.1.1" {
    url.access-deny = ( "" )
}
Do not allow IP addresses 202.54.1.1 and 202.54.2.5 to access our site:
# Anchored and escaped so that only these two addresses match
$HTTP["remoteip"] =~ "^(202\.54\.1\.1|202\.54\.2\.5)$" {
    url.access-deny = ( "" )
}
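
The =~ and !~ operators perform an unanchored regular-expression search, so a bare list such as "202.54.1.1|202.54.2.5" matches more addresses than the two it names. With !~ used as an allow-list, every extra match is an extra client let through. The Python sketch below is an added example, not part of the original post: it uses Python's re module as a stand-in for lighttpd's regex matching, and the helper names and sample addresses are constructed for illustration.

```python
import re

def anchored_ip_pattern(ips):
    """Build a regex that matches only the listed IPv4 addresses, as whole strings."""
    return "^(" + "|".join(re.escape(ip) for ip in ips) + ")$"

def matching_ips(pattern, candidates):
    """Return the candidates the pattern matches with an unanchored search,
    i.e. the pattern may match anywhere in the address string."""
    rx = re.compile(pattern)
    return [ip for ip in candidates if rx.search(ip)]

def overmatched(pattern, listed, candidates):
    """Addresses the pattern matches although they are not in the intended list."""
    return [ip for ip in matching_ips(pattern, candidates) if ip not in listed]

# Intended list, taken from the "block two IPs" task above.
LISTED = ["202.54.1.1", "202.54.2.5"]

# Constructed sample client addresses (not taken from any real log).
SAMPLE_CLIENTS = [
    "202.54.1.1",    # listed
    "202.54.2.5",    # listed
    "202.54.1.10",   # begins with 202.54.1.1
    "202.54.1.199",  # begins with 202.54.1.1
    "202.54.2.50",   # begins with 202.54.2.5
    "202.54.101.7",  # unescaped "." matches the "0" in "101"
    "203.0.113.9",   # unrelated address
]

LOOSE = "|".join(LISTED)               # "202.54.1.1|202.54.2.5"
STRICT = anchored_ip_pattern(LISTED)   # "^(202\.54\.1\.1|202\.54\.2\.5)$"

if __name__ == "__main__":
    print("loose pattern :", LOOSE)
    print("  also matches:", overmatched(LOOSE, LISTED, SAMPLE_CLIENTS))
    print("strict pattern:", STRICT)
    print("  also matches:", overmatched(STRICT, LISTED, SAMPLE_CLIENTS))
```

The string produced by anchored_ip_pattern() can be pasted between the quotes of a $HTTP["remoteip"] =~ or !~ condition.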

See also

=> Lighttpd deny access to certain files
