nginx屏蔽ip

直接通过remote ip屏蔽

location / {
    access 1111.11111.111;
    deny all;
    proxy_pass http://aaaa;
}

通过x-forward-for屏蔽

map $http_x_forwarded_for $ip_allowed {
        default allow;
        ~\s*192.168.22.*$ deny;
        ~\s*192.168.21.11$ deny;
        }

    if ( $ip_allowed = "deny" ) {
        return 403;
    }