NginxÔõÑùʵÏÖ»ùÓÚÇëÇóÌåµÄ»á¼û¿ØÖÆÉèÖÃ
NginxÔõÑùʵÏÖ»ùÓÚÇëÇóÌåµÄ»á¼û¿ØÖÆÉèÖã¬ÐèÒªÏêϸ´úÂëʾÀý
ÔÚÍøÂçÓ¦Óÿª·¢ÖУ¬¹ØÓÚ»á¼û¿ØÖƵÄÐèÇóºÜ³£¼û£¬¶øNginx×÷Ϊһ¿î¸ßÐÔÄܵÄWebЧÀÍÆ÷ºÍ·´ÏòÊðÀíЧÀÍÆ÷£¬Ò²ÌṩÁËÎÞаÇÒÇ¿Ê¢µÄ»á¼û¿ØÖƹ¦Ð§¡£³ýÁË¿ÉÒÔͨ¹ýIPµØµã¡¢ÓòÃû¡¢URLµÈ·½·¨À´¾ÙÐлá¼û¿ØÖÆÍ⣬Nginx»¹Ö§³Ö»ùÓÚÇëÇóÌåµÄ»á¼û¿ØÖÆÉèÖã¬Ò²¾ÍÊÇ¿ÉÒÔÅжÏHTTPÇëÇóµÄÄÚÈÝÀ´¾ÙÐлá¼û¿ØÖÆ¡£
ÏÂÃæÎÒÃÇÀ´ÏêϸÏÈÈÝÔõÑùÔÚNginxÖÐʵÏÖ»ùÓÚÇëÇóÌåµÄ»á¼û¿ØÖÆÉèÖá£
Ò»¡¢×°ÖÃNginx
Ê×ÏÈ£¬ÎÒÃÇÐèҪװÖÃNginxЧÀÍÆ÷¡£¿ÉÒÔͨ¹ýÒÔÏÂÏÂÁî×°ÖÃNginx£º
$ sudo apt-get update $ sudo apt-get install nginx
µÇ¼ºó¸´ÖÆ
×°ÖÃÍê³Éºó£¬¿ÉÒÔͨ¹ýÒÔÏÂÏÂÁîÀ´¼ì²éNginxÊÇ·ñ×°ÖÃÀֳɣº
$ nginx -v
µÇ¼ºó¸´ÖÆ
¶þ¡¢ÉèÖÃNginx
ÔÚNginxµÄÉèÖÃÎļþÖУ¬ÎÒÃÇ¿ÉÒÔͨ¹ýlocationÖ¸ÁîÀ´Ö¸¶¨ÒªÆ¥ÅäµÄURL£¬¿ÉÒÔͨ¹ýifÖ¸ÁîÀ´ÊµÏÖ»ùÓÚÇëÇóÌåµÄ»á¼û¿ØÖÆ¡£
·¿ªNginxµÄÉèÖÃÎļþ£¬Ò»Ñùƽ³£Îª/etc/nginx/nginx.conf£¬Ìí¼ÓÈçÏÂÉèÖãº
http { server { listen 80; server_name example.com; location /api { if ($request_body ~* "blacklist") { return 403; } # ÆäËûÉèÖÃ... } } }
µÇ¼ºó¸´ÖÆ
ÔÚÉÏÃæµÄÉèÖÃÖУ¬ÎÒÃÇͨ¹ýlocationÖ¸ÁîÆ¥ÅäÁËÒÔ/api¿ªÍ·µÄURL£¬²¢Í¨¹ýifÖ¸ÁîÅжÏÇëÇóÌåÖÐÊÇ·ñ°üÀ¨ÁË”blacklist”×Ö·û´®¡£ÈôÊÇ°üÀ¨Á˸Ã×Ö·û´®£¬Ôò·µ»Ø403 Forbidden״̬Â룬²»È»¼ÌÐøÖ´ÐÐÆäËûÉèÖá£
Èý¡¢ÖØÆôNginx
Íê³ÉÒÔÉÏÉèÖúó£¬ÐèÒªÖØÆôNginxЧÀÍÆ÷ʹÉèÖÃÉúЧ£º
$ sudo systemctl restart nginx
µÇ¼ºó¸´ÖÆ
ËÄ¡¢ÑéÖ¤ÉèÖÃ
ÏÖÔÚÎÒÃÇ¿ÉÒÔʹÓÃcurlÏÂÁîÀ´·¢ËÍHTTPÇëÇó¶ÔÉèÖþÙÐÐÑéÖ¤¡£¼ÙÉèÎÒÃÇ·¢ËÍPOSTÇëÇóµ½http://example.com/api£¬ÇëÇóÌåÖаüÀ¨ÁË”blacklist”×Ö·û´®£¬¿ÉÒÔÖ´ÐÐÒÔÏÂÏÂÁ
$ curl -X POST -d "this is blacklist data" http://example.com/api
µÇ¼ºó¸´ÖÆ
´Ëʱ£¬ÎÒÃÇ»á»ñµÃ403 ForbiddenµÄÏìÓ¦£¬ËµÃ÷»á¼û±»¾Ü¾ø¡£
¶øÈôÊÇÇëÇóÌå²»°üÀ¨”blacklist”×Ö·û´®£¬¿ÉÒÔÖ´ÐÐÒÔÏÂÏÂÁ
$ curl -X POST -d "this is normal data" http://example.com/api
µÇ¼ºó¸´ÖÆ
Õâʱ£¬ÎÒÃǽ«»ñµÃÕý³£µÄÏìÓ¦¡£
ͨ¹ýÉÏÊö²Ù×÷£¬ÎÒÃÇÀֳɵØʵÏÖÁË»ùÓÚÇëÇóÌåµÄ»á¼û¿ØÖÆÉèÖá£
×ÛÉÏ£¬±¾ÎÄÏÈÈÝÁËÔõÑùÔÚNginxÖÐʵÏÖ»ùÓÚÇëÇóÌåµÄ»á¼û¿ØÖÆÉèÖá£Í¨¹ýÔÚÉèÖÃÎļþÖÐʹÓÃlocationºÍifÖ¸ÁÎÒÃÇ¿ÉÒÔºÜÎÞаµØÅжÏHTTPÇëÇóµÄÄÚÈÝÀ´¾ÙÐлá¼û¿ØÖÆ£¬¿ÉÒÔƾ֤ÏÖʵÐèÇó¾ÙÐÐÉèÖá£Ï£Íû±¾ÎĶÔÄãÓÐËù×ÊÖú¡£
ÒÔÉϾÍÊÇNginxÔõÑùʵÏÖ»ùÓÚÇëÇóÌåµÄ»á¼û¿ØÖÆÉèÖõÄÏêϸÄÚÈÝ£¬¸ü¶àÇë¹Ø×¢±¾ÍøÄÚÆäËüÏà¹ØÎÄÕ£¡