Nginx 기본 내장 변수 목록 Embedded Variables list
http://nginx.org/en/docs/http/ngx_http_core_module.html

$remote_addr : client IP
$request : 요청한 url
$status : http response code
$http_user_agent : 브라우저 agent


//-------------------------------------
    - nginx 비교 방식
https://stackoverflow.com/questions/59846238/guide-on-how-to-use-regex-in-nginx-location-block-section

# --------------------------------------------------------------------------------------------------------------------------------------------
# Search-Order       Modifier       Description                                                        Match-Type        Stops-search-on-match
# --------------------------------------------------------------------------------------------------------------------------------------------
#     1st               =           The URI must match the specified pattern exactly                  Simple-string              Yes
#     2nd               ^~          The URI must begin with the specified pattern                     Simple-string              Yes
#     3rd             (None)        The URI must begin with the specified pattern                     Simple-string               No
#     4th               ~           The URI must be a case-sensitive match to the specified Rx      Perl-Compatible-Rx      Yes (first match)                 
#     4th               ~*          The URI must be a case-insensitive match to the specified Rx    Perl-Compatible-Rx      Yes (first match)
#     N/A               @           Defines a named location block.                                   Simple-string              Yes
# --------------------------------------------------------------------------------------------------------------------------------------------


= : 정확히 일치
^~ :  시작부분 일치( if 에는 사용되지 않음)

       - 정규식
~ : 대소문자 구분
~* : 대소문자 구분 안함


//-------------------------------------
* NginX 설정 파일 (conf) 수정
    -  server {  ...  안에서 작동


    - 브라우저 agent로 막기
if ($http_user_agent ~* (python-requests|badBot|LieBaoFast|UCBrowser|MQQBrowser|Mb2345Browser) ) {
    return 403;
}

    - 접속 IP로 막기
if ($remote_addr ~ (10.1.1.1|10.1.1.2) ) {
    return 403;
}

    - 접속 요청하는 url로 막기
if ($request ~* (getAdmin|hackAdmin) ) {
    return 403;
}

반응형
Posted by codens