加入yum的更新源
[nginx] name=nginx repo baseurl=http://nginx.org/packages/centos/7/$basearch/ gpgcheck=0 enabled=1
安裝Geo-Moudules
yum -y install geoip-devel nginx-module-geoip -y
檢查nginx底下是否有這兩支檔案
ls /etc/nginx/modules/ngx_http_geoip_module.so ls /etc/nginx/modules/ngx_stream_geoip_module.so
修改nginx.conf
load_module /etc/nginx/modules/ngx_http_geoip_module.so; load_module /etc/nginx/modules/ngx_stream_geoip_module.so; http { geo $allow_whitelist { default 0; include /etc/nginx/conf.d/whitelist-geoallow; } }
修改conf.d/default.conf
if ($allow_whitelist = 0) {return 401;} error_page 403 @error; error_page 405 @maintenance; location @maintenance { rewrite ^(.*)$ http://api.test.com/ break; } location @error { root /etc/nginx/conf.d/html/error/; try_files $uri /401.json =401; add_header Cache-Control no-cache; }
新增檔案conf.d/whitelist-geoallow
#1代表允許 0代表封鎖 123.123.123.123 1; 221.221.221.221 1;