堆栈内存溢出
  繁体   English   中英

NGINX GeoIP2 阻止国家和实施自定义 403 页面

[英]NGINX GeoIP2 blocking countries and implementing custom 403 page

 原文  2020-06-13 23:56:16       nginx/ redirect/ http-status-code-403/ geoip2

问题描述

这让我很生气,希望有人可以提供帮助。 我有以下警告: But the 403 page is not friendly to blocked countries ,我想将被阻止的人重定向到自定义 403 页面。

map $geoip2_data_country_code $allowed_country {

    default no;
    AU yes;
    CA yes;
    GB yes;
    NZ yes;
    US yes;
}

server {



location / {

    if ($allowed_country = no) {

     return 403;

}
     index                               index.php index.html;

     try_files                           $uri $uri/ /index.php?$args;

}
}

我的自定义文件位于/var/www/sitename/403/index.html中。 我尝试了很多建议,但没有奏效:(

2 个解决方案

解决方案1
 0  2020-06-14 05:51:04

尝试对您的配置进行以下更改:

server {
    ...
    error_page 403 /403/;

    location /403/ {
        internal;
        root /var/www/sitename;
    }

    location / {
        if ($allowed_country = no) {
            return 403;
        }
        ...
    }
}

解决方案2
 0  2020-06-15 00:26:31

这是我对 vhost 文件的完整配置。

##################################
# WORDPRESS NGINX CONFIGURATIONS
##################################

map $geoip2_data_country_code $allowed_country {
    default no;
    AU yes;
    CA yes;
    GB yes;
    NZ yes;
    US yes;
}

server {

root /var/www/example;
server_name www.example.com example.com;
access_log /var/log/nginx/wp_client_access.log;
error_log /var/log/nginx/wp_client_error.log;

   if ($allowed_country = no) {
       return 403;
   }


location / {
    index                               index.php index.html;
    try_files                           $uri $uri/ /index.php?$args;
}

# Specify a charset
        charset                         utf-8;
# GZIP
        gzip                            on;
        gzip_disable                    "msie6";
        gzip_vary                       on;
        gzip_proxied                    any;
        gzip_comp_level                 6;
        gzip_buffers                    16 8k;
        gzip_http_version               1.1;
        gzip_types application/javascript application/rss+xml application/vnd.ms-fontobject application/x-font application/x-font-opentype application/x-font-otf application/x-font-truetype application/x-font-ttf application/x-javascript application/xhtml+xml application/xml font/opentype font/otf font/ttf image/svg+xml image/x-icon text/css text/javascript text/plain text/xml;

# Add trailing slash to */wp-admin requests.
        rewrite /wp-admin$ $scheme://$host$uri/ permanent;

# Prevents hidden files (beginning with a period) from being served
location ~ /\. {
        access_log                      off;
        log_not_found                   off;
        deny                            all;
}

###########
# SEND EXPIRES HEADERS AND TURN OFF 404 LOGGING
###########

        location ~* ^.+.(xml|ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|css|rss|atom|js|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
        access_log                      off;
        log_not_found                   off;
        expires                         max;
}

# Pass all .php files onto a php-fpm or php-cgi server
location ~ \.php$ {
        try_files                       $uri =404;
        include                         /etc/nginx/fastcgi_params;
        fastcgi_read_timeout            3600s;
        fastcgi_buffer_size             128k;
        fastcgi_buffers                 4 128k;
        fastcgi_param                   SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_pass                    unix:/run/php/php7.3-fpm.sock;
        #fastcgi_pass                    unix:/run/php/php7.2-fpm.sock;
        #fastcgi_pass                   unix:/run/php/php7.0-fpm.sock;
        fastcgi_index                   index.php;
}

# ROBOTS

         location = /robots.txt {
               allow all;
               log_not_found off;
               access_log off;
        }

#rewrite rules for AIOSEOP XML Sitemap v3.1
rewrite ^/sitemap.xml$ /index.php?aiosp_sitemap_path=root last;
rewrite ^/sitemap.xml.gz$ /index.php?aiosp_sitemap_path=root last;
rewrite ^/(.+)-sitemap.xml$ /index.php?aiosp_sitemap_path=$1 last;
rewrite ^/(.+)-sitemap.xml.gz$ /index.php?aiosp_sitemap_path=$1 last;
rewrite ^/(.+)-sitemap(\d+).xml$ /index.php?aiosp_sitemap_path=$1&aiosp_sitemap_page=$2 last;
rewrite ^/(.+)-sitemap(\d+).xml.gz$ /index.php?aiosp_sitemap_path=$1&aiosp_sitemap_page=$2 last;

# RESTRICTIONS
location ~* /(?:uploads|files)/.*\.php$ {
 deny all;
}


    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/guidinglightpsychics.com.au-0002/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/guidinglightpsychics.com.au-0002/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}


server {
    if ($host = www.example.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

    if ($host = example.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


server_name www.example.com example.com;
    listen 80;
    return 404; # managed by Certbot

}

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何在没有if的情况下阻止某些国家/地区(geoip2)的页面? nginx的geoip2不起作用 在 Nginx 中使用 GeoIP2 获取用户国家 宅基地安装GeoIp2 NGINX模块错误 Nginx自定义错误页面和geoip块。 如何在生产环境中运行的 Nginx 上安装 Geoip2 模块? 403 Forbidden:nginx阻止了默认页面 Nginx自定义403页面不起作用 使用nginx返回自定义403错误页面 无法启用 geoip 阻止 nginx - [emerg] 未知指令“geoip_country”
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM