I am trying to restrict access to the admin section of my django app by using simple host-based access control in nginx. Unfortunately nginx does not seem to abide by the configuration request:
this is my setting for this particular section in nginx:
# gunicorn setup
location / {
proxy_pass http://127.0.0.1:8000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location /admin/ { # restrict access to admin section
allow 192.168.0.1;
deny all;
}
This does still block my ip 192.168.0.1. What am I doing wrong? Is there another way to block access to the /admin/ section of a django app?
I found a solution to this problem by replacing the /admin/ location with the following:
location ^~ /admin/ { # restrict access to admin section
proxy_pass http://127.0.0.1:8000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
allow 192.168.0.1;
deny all;
}
I hope this will save someone some long searches on the internet. I would appreciate answers offering a better solution.
来源:https://stackoverflow.com/questions/22208535/restrict-access-to-the-admin-url-by-ip-in-django-with-nginx-and-gunicorn