To restrict access in nginx we make use of the HttpAccessModule.
An example configuration:
location / {
deny 192.168.1.1;
allow 192.168.1.0/24;
allow 10.1.1.0/16;
allow 2620:100:e000::8001;
deny all;
}
If you want to restrict access of several sites you can create a config file to be included in a site’s config file.
nano /etc/nginx/restrict_access
and add the IP-addresses to allow or deny. Then open the config file in /etc/nginx/sites-available and add the following line to the section you want to restrict:
# Restrict access to a group of allowed
# IP-addresses.
include restrict_access;
Now you only have to restart nginx.