Arn0's Blog

Live your life with passion.
With 三倍Ice Cream !!!

  1. 1. 获取CDN IP地址
  2. 2. 将IP保存为文件
  3. 3. 修改网站配置文件
  4. 4. 伪装
  5. 5. 重启Nginx
  6. 6. 大功告成

获取CDN IP地址

先查一下CDN的回源IP,以CloudFlare为例,他们家的回源IP可以在这里找到。

将IP保存为文件

将刚才找到的IP地址保存到/etc/nginx/cf.addr
格式就是这个亚子

# https://www.cloudflare.com/ips
# IPv4
allow 103.21.244.0/22;
allow 103.22.200.0/22;
allow 103.31.4.0/22;
allow 104.16.0.0/12;
allow 108.162.192.0/18;
allow 131.0.72.0/22;
allow 141.101.64.0/18;
allow 162.158.0.0/15;
allow 172.64.0.0/13;
allow 173.245.48.0/20;
allow 188.114.96.0/20;
allow 190.93.240.0/20;
allow 197.234.240.0/22;
allow 198.41.128.0/17;

# IPv6
allow 2400:cb00::/32;
allow 2405:8100::/32;
allow 2405:b500::/32;
allow 2606:4700::/32;
allow 2803:f800::/32;
allow 2c0f:f248::/32;
allow 2a06:98c0::/29;

修改网站配置文件

在网站的Nginx配置文件Server块里面添加这两行

include /etc/nginx/cf.addr;
deny all;

伪装

顺便将IP访问的流量直接403掉

server {
    listen 80 default_server;
    server_name _;
    server_tokens off;
    return 403;
}

重启Nginx

/usr/nginx/sbin/nginx -s reload

大功告成

参考自Nova Kwok’s Awesome Blog

This article was last updated on days ago, and the information described in the article may have changed.