Select Page

WE IMPROVE YOUR BUSINESS

Direct support nodig bel: 056-4654561 of ga naar support

to secure nginx loadbalancing is implemented next:

 

Blocking/allowing IP-addresses in Nginx

On gateway:

vi global/proxy.conf

 


proxy_ssl_session_reuse on;
proxy_set_header Host $host;

proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-gateway $server_addr;

add_header X-Upstream $upstream_addr;
add_header X-gateway $server_addr;

include global/cors.conf;

on production:

vi global/security.conf

#### proxy security

set $block_me_now A;

set $gatewaySource $http_x_gateway;

if ($gatewaySource != ‘84.22.108.141’) {
set $block_me_now “${block_me_now}B”;
}

if ($gatewaySource = ”) {
set $block_me_now “emptyB”;
}

#add_header X-gateway-dest $gatewaySource;
add_header X-gateway-dest-check $block_me_now;

if ($block_me_now != A) {
return 403;
break;
}

#### wp security
location ~ /(\.|wp-config.php|readme.html|license.txt) {
deny all;
}
location = /xmlrpc.php {
deny all;
access_log off;
log_not_found off;
}

Cheatsheet

Error

Access to CSS stylesheet at ‘https://cdn.4bis.nl/techlabs.4bis.nl/leafletjs/leaflet.css’ from origin ‘https://futuregiethoorn.com’ has been blocked by CORS policy: No ‘Access-Control-Allow-Origin’ header is present on the requested resource. Origin ‘https://futuregiethoorn.com’ is therefore not allowed access.

add_header Access-Control-Allow-Origin sub.example.com;