{"id":5543,"date":"2023-02-15T18:50:21","date_gmt":"2023-02-15T13:20:21","guid":{"rendered":"https:\/\/trysiteprice.com\/blog\/?p=5543"},"modified":"2023-02-15T18:50:21","modified_gmt":"2023-02-15T13:20:21","slug":"nginx-block-and-deny-ip-address-or-network-subnets","status":"publish","type":"post","link":"https:\/\/trysiteprice.com\/blog\/nginx-block-and-deny-ip-address-or-network-subnets\/","title":{"rendered":"Nginx Block And Deny IP Address OR Network Subnets"},"content":{"rendered":"<p>You can use Nginx to block and deny access to specific IP addresses or network subnets by adding a <code>deny<\/code> directive in your Nginx configuration file. Here&#8217;s how to do it:<\/p>\n<ol>\n<li>Open your Nginx configuration file in a text editor. The file is typically located at <code>\/etc\/nginx\/nginx.conf<\/code> or <code>\/etc\/nginx\/conf.d\/default.conf<\/code>.<\/li>\n<li>Inside the <code>http<\/code> block, add a <code>geo<\/code> block that defines the IP addresses or subnets you want to block:\n<div class=\"bg-black mb-4 rounded-md\">\n<div class=\"flex items-center relative text-gray-200 bg-gray-800 px-4 py-2 text-xs font-sans\"><\/div>\n<div class=\"p-4 overflow-y-auto\"><code class=\"!whitespace-pre hljs language-php\">http {<br \/>\n    <span class=\"hljs-comment\"># ...<\/span><br \/>\n    geo <span class=\"hljs-variable\">$blocked_ips<\/span> {<br \/>\n        <span class=\"hljs-keyword\">default<\/span> <span class=\"hljs-number\">0<\/span>;<br \/>\n        <span class=\"hljs-number\">1.2<\/span>.<span class=\"hljs-number\">3.4<\/span>\/<span class=\"hljs-number\">32<\/span> <span class=\"hljs-number\">1<\/span>;<br \/>\n        <span class=\"hljs-number\">5.6<\/span>.<span class=\"hljs-number\">7.0<\/span>\/<span class=\"hljs-number\">24<\/span> <span class=\"hljs-number\">1<\/span>;<br \/>\n        <span class=\"hljs-number\">8.9<\/span>.<span class=\"hljs-number\">10.11<\/span> <span class=\"hljs-number\">1<\/span>;<br \/>\n    }<br \/>\n}<br \/>\n<\/code><\/div>\n<\/div>\n<p>In this example, we&#8217;re defining a <code>$blocked_ips<\/code> variable that is set to <code>1<\/code> for the IP addresses or subnets we want to block. The <code>default 0<\/code> line sets the variable to <code>0<\/code> by default, meaning that IP addresses not explicitly defined in the <code>geo<\/code> block will not be blocked.<\/p>\n<p>You can define IP addresses or subnets in CIDR notation (e.g. <code>1.2.3.4\/32<\/code> for a single IP address, <code>5.6.7.0\/24<\/code> for a network subnet, or <code>8.9.10.11<\/code> for a single IP address without a subnet).<\/li>\n<li>In your server block or location block, add a <code>deny<\/code> directive that uses the <code>$blocked_ips<\/code> variable:\n<div class=\"bg-black mb-4 rounded-md\">\n<div class=\"flex items-center relative text-gray-200 bg-gray-800 px-4 py-2 text-xs font-sans\"><\/div>\n<div class=\"p-4 overflow-y-auto\"><code class=\"!whitespace-pre hljs language-python\">server {<br \/>\n    <span class=\"hljs-comment\"># ...<\/span><br \/>\n    location \/ {<br \/>\n        deny <span class=\"hljs-built_in\">all<\/span>;<br \/>\n        allow <span class=\"hljs-number\">1.2<\/span><span class=\"hljs-number\">.3<\/span><span class=\"hljs-number\">.4<\/span>;<br \/>\n        allow <span class=\"hljs-number\">5.6<\/span><span class=\"hljs-number\">.7<\/span><span class=\"hljs-number\">.0<\/span>\/<span class=\"hljs-number\">24<\/span>;<br \/>\n        allow <span class=\"hljs-number\">8.9<\/span><span class=\"hljs-number\">.10<\/span><span class=\"hljs-number\">.11<\/span>;<br \/>\n        <span class=\"hljs-comment\"># ...<\/span><br \/>\n    }<br \/>\n}<br \/>\n<\/code><\/div>\n<\/div>\n<p>In this example, we&#8217;re denying all access by default using the <code>deny all<\/code> directive, and then using the <code>allow<\/code> directive to allow access from specific IP addresses or subnets. The <code>deny<\/code> directive with the <code>$blocked_ips<\/code> variable will block access from IP addresses or subnets defined in the <code>geo<\/code> block.<\/li>\n<li>Save and close the configuration file, and then reload Nginx to apply the changes:\n<div class=\"bg-black mb-4 rounded-md\">\n<div class=\"flex items-center relative text-gray-200 bg-gray-800 px-4 py-2 text-xs font-sans\"><\/div>\n<div class=\"p-4 overflow-y-auto\"><code class=\"!whitespace-pre hljs\">sudo service nginx reload<br \/>\n<\/code><\/div>\n<\/div>\n<p>After reloading Nginx, the specified IP addresses or subnets will be denied access to your website.<\/li>\n<\/ol>\n<p>Note that this is just one way to block and deny IP addresses or subnets in Nginx, and there are many other ways to do it using Nginx modules or third-party tools. Be sure to test your configuration carefully to ensure that it works as expected, and be aware that incorrectly blocking IP addresses or subnets can have unintended consequences.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>You can use Nginx to block and deny access to specific IP addresses or network subnets by adding a deny directive in your Nginx configuration file. Here&#8217;s how to do it: Open your Nginx configuration file in a text editor. The file is typically located at \/etc\/nginx\/nginx.conf or \/etc\/nginx\/conf.d\/default.conf. Inside the http block, add a &#8230; <a title=\"Nginx Block And Deny IP Address OR Network Subnets\" class=\"read-more\" href=\"https:\/\/trysiteprice.com\/blog\/nginx-block-and-deny-ip-address-or-network-subnets\/\" aria-label=\"Read more about Nginx Block And Deny IP Address OR Network Subnets\">Read more<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-5543","post","type-post","status-publish","format-standard","hentry","category-best-tutorial"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.9 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Nginx Block And Deny IP Address OR Network Subnets - TrySitePrice<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/trysiteprice.com\/blog\/nginx-block-and-deny-ip-address-or-network-subnets\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Nginx Block And Deny IP Address OR Network Subnets - TrySitePrice\" \/>\n<meta property=\"og:description\" content=\"You can use Nginx to block and deny access to specific IP addresses or network subnets by adding a deny directive in your Nginx configuration file. Here&#8217;s how to do it: Open your Nginx configuration file in a text editor. The file is typically located at \/etc\/nginx\/nginx.conf or \/etc\/nginx\/conf.d\/default.conf. Inside the http block, add a ... Read more\" \/>\n<meta property=\"og:url\" content=\"https:\/\/trysiteprice.com\/blog\/nginx-block-and-deny-ip-address-or-network-subnets\/\" \/>\n<meta property=\"og:site_name\" content=\"TrySitePrice\" \/>\n<meta property=\"article:published_time\" content=\"2023-02-15T13:20:21+00:00\" \/>\n<meta name=\"author\" content=\"Rahul Sahu\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/trysiteprice.com\/blog\/nginx-block-and-deny-ip-address-or-network-subnets\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/trysiteprice.com\/blog\/nginx-block-and-deny-ip-address-or-network-subnets\/\"},\"author\":{\"name\":\"Rahul Sahu\",\"@id\":\"https:\/\/trysiteprice.com\/blog\/#\/schema\/person\/358e04eeea4281deacad2f30c58e67f4\"},\"headline\":\"Nginx Block And Deny IP Address OR Network Subnets\",\"datePublished\":\"2023-02-15T13:20:21+00:00\",\"dateModified\":\"2023-02-15T13:20:21+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/trysiteprice.com\/blog\/nginx-block-and-deny-ip-address-or-network-subnets\/\"},\"wordCount\":292,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/trysiteprice.com\/blog\/#organization\"},\"articleSection\":[\"Best\/Tutorial\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/trysiteprice.com\/blog\/nginx-block-and-deny-ip-address-or-network-subnets\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/trysiteprice.com\/blog\/nginx-block-and-deny-ip-address-or-network-subnets\/\",\"url\":\"https:\/\/trysiteprice.com\/blog\/nginx-block-and-deny-ip-address-or-network-subnets\/\",\"name\":\"Nginx Block And Deny IP Address OR Network Subnets - TrySitePrice\",\"isPartOf\":{\"@id\":\"https:\/\/trysiteprice.com\/blog\/#website\"},\"datePublished\":\"2023-02-15T13:20:21+00:00\",\"dateModified\":\"2023-02-15T13:20:21+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/trysiteprice.com\/blog\/nginx-block-and-deny-ip-address-or-network-subnets\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/trysiteprice.com\/blog\/nginx-block-and-deny-ip-address-or-network-subnets\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/trysiteprice.com\/blog\/nginx-block-and-deny-ip-address-or-network-subnets\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/trysiteprice.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Nginx Block And Deny IP Address OR Network Subnets\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/trysiteprice.com\/blog\/#website\",\"url\":\"https:\/\/trysiteprice.com\/blog\/\",\"name\":\"TrySitePrice\",\"description\":\"Free Website Value Calculator Tool\",\"publisher\":{\"@id\":\"https:\/\/trysiteprice.com\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/trysiteprice.com\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/trysiteprice.com\/blog\/#organization\",\"name\":\"TrySitePrice\",\"url\":\"https:\/\/trysiteprice.com\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/trysiteprice.com\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/trysiteprice.com\/blog\/wp-content\/uploads\/2021\/12\/cropped-trysiteprice-logo.png\",\"contentUrl\":\"https:\/\/trysiteprice.com\/blog\/wp-content\/uploads\/2021\/12\/cropped-trysiteprice-logo.png\",\"width\":395,\"height\":268,\"caption\":\"TrySitePrice\"},\"image\":{\"@id\":\"https:\/\/trysiteprice.com\/blog\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/trysiteprice.com\/blog\/#\/schema\/person\/358e04eeea4281deacad2f30c58e67f4\",\"name\":\"Rahul Sahu\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/trysiteprice.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/51f0f95f7b95665f62baed2211572165?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/51f0f95f7b95665f62baed2211572165?s=96&d=mm&r=g\",\"caption\":\"Rahul Sahu\"},\"sameAs\":[\"https:\/\/trysiteprice.com\/blog\"],\"url\":\"https:\/\/trysiteprice.com\/blog\/author\/rsahu4242_trysiteprice\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Nginx Block And Deny IP Address OR Network Subnets - TrySitePrice","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/trysiteprice.com\/blog\/nginx-block-and-deny-ip-address-or-network-subnets\/","og_locale":"en_US","og_type":"article","og_title":"Nginx Block And Deny IP Address OR Network Subnets - TrySitePrice","og_description":"You can use Nginx to block and deny access to specific IP addresses or network subnets by adding a deny directive in your Nginx configuration file. Here&#8217;s how to do it: Open your Nginx configuration file in a text editor. The file is typically located at \/etc\/nginx\/nginx.conf or \/etc\/nginx\/conf.d\/default.conf. Inside the http block, add a ... Read more","og_url":"https:\/\/trysiteprice.com\/blog\/nginx-block-and-deny-ip-address-or-network-subnets\/","og_site_name":"TrySitePrice","article_published_time":"2023-02-15T13:20:21+00:00","author":"Rahul Sahu","twitter_card":"summary_large_image","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/trysiteprice.com\/blog\/nginx-block-and-deny-ip-address-or-network-subnets\/#article","isPartOf":{"@id":"https:\/\/trysiteprice.com\/blog\/nginx-block-and-deny-ip-address-or-network-subnets\/"},"author":{"name":"Rahul Sahu","@id":"https:\/\/trysiteprice.com\/blog\/#\/schema\/person\/358e04eeea4281deacad2f30c58e67f4"},"headline":"Nginx Block And Deny IP Address OR Network Subnets","datePublished":"2023-02-15T13:20:21+00:00","dateModified":"2023-02-15T13:20:21+00:00","mainEntityOfPage":{"@id":"https:\/\/trysiteprice.com\/blog\/nginx-block-and-deny-ip-address-or-network-subnets\/"},"wordCount":292,"commentCount":0,"publisher":{"@id":"https:\/\/trysiteprice.com\/blog\/#organization"},"articleSection":["Best\/Tutorial"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/trysiteprice.com\/blog\/nginx-block-and-deny-ip-address-or-network-subnets\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/trysiteprice.com\/blog\/nginx-block-and-deny-ip-address-or-network-subnets\/","url":"https:\/\/trysiteprice.com\/blog\/nginx-block-and-deny-ip-address-or-network-subnets\/","name":"Nginx Block And Deny IP Address OR Network Subnets - TrySitePrice","isPartOf":{"@id":"https:\/\/trysiteprice.com\/blog\/#website"},"datePublished":"2023-02-15T13:20:21+00:00","dateModified":"2023-02-15T13:20:21+00:00","breadcrumb":{"@id":"https:\/\/trysiteprice.com\/blog\/nginx-block-and-deny-ip-address-or-network-subnets\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/trysiteprice.com\/blog\/nginx-block-and-deny-ip-address-or-network-subnets\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/trysiteprice.com\/blog\/nginx-block-and-deny-ip-address-or-network-subnets\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/trysiteprice.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Nginx Block And Deny IP Address OR Network Subnets"}]},{"@type":"WebSite","@id":"https:\/\/trysiteprice.com\/blog\/#website","url":"https:\/\/trysiteprice.com\/blog\/","name":"TrySitePrice","description":"Free Website Value Calculator Tool","publisher":{"@id":"https:\/\/trysiteprice.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/trysiteprice.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/trysiteprice.com\/blog\/#organization","name":"TrySitePrice","url":"https:\/\/trysiteprice.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/trysiteprice.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/trysiteprice.com\/blog\/wp-content\/uploads\/2021\/12\/cropped-trysiteprice-logo.png","contentUrl":"https:\/\/trysiteprice.com\/blog\/wp-content\/uploads\/2021\/12\/cropped-trysiteprice-logo.png","width":395,"height":268,"caption":"TrySitePrice"},"image":{"@id":"https:\/\/trysiteprice.com\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/trysiteprice.com\/blog\/#\/schema\/person\/358e04eeea4281deacad2f30c58e67f4","name":"Rahul Sahu","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/trysiteprice.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/51f0f95f7b95665f62baed2211572165?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/51f0f95f7b95665f62baed2211572165?s=96&d=mm&r=g","caption":"Rahul Sahu"},"sameAs":["https:\/\/trysiteprice.com\/blog"],"url":"https:\/\/trysiteprice.com\/blog\/author\/rsahu4242_trysiteprice\/"}]}},"_links":{"self":[{"href":"https:\/\/trysiteprice.com\/blog\/wp-json\/wp\/v2\/posts\/5543","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/trysiteprice.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/trysiteprice.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/trysiteprice.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/trysiteprice.com\/blog\/wp-json\/wp\/v2\/comments?post=5543"}],"version-history":[{"count":1,"href":"https:\/\/trysiteprice.com\/blog\/wp-json\/wp\/v2\/posts\/5543\/revisions"}],"predecessor-version":[{"id":5546,"href":"https:\/\/trysiteprice.com\/blog\/wp-json\/wp\/v2\/posts\/5543\/revisions\/5546"}],"wp:attachment":[{"href":"https:\/\/trysiteprice.com\/blog\/wp-json\/wp\/v2\/media?parent=5543"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/trysiteprice.com\/blog\/wp-json\/wp\/v2\/categories?post=5543"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/trysiteprice.com\/blog\/wp-json\/wp\/v2\/tags?post=5543"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}