Join Log in
Score:0
avatar Server

Cloudflare in front of Nginx Reverse - redirect users with certain IP to special page

gr flag
micebutt

I'm running a nginx reverse proxy in front of webpage. In front of this nginx reverse proxy is also cloudflare reverse proxy running.

Now I'm trying to redirect users with certain ip-addresses to a special webpage. I'm trying to do this from the nginx reverse proxy, without any luck :/

nginx.conf

    user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
worker_rlimit_nofile 30000;

events {
    worker_connections 2048;
    # multi_accept on;
}

http {

    ##
    # Basic Settings
    ##

    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;
    keepalive_timeout 65;
    types_hash_max_size 2048;
    # server_tokens off;

    # server_names_hash_bucket_size 64;
    # server_name_in_redirect off;

    include /etc/nginx/mime.types;
    default_type application/octet-stream;

    ##
    # SSL Settings
    ##

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
    ssl_prefer_server_ciphers on;

    ##
    # Logging Settings
    ##

    access_log off;
    error_log /var/log/nginx/error.log;

    ##
    # Gzip Settings
    ##

    gzip on;

    # gzip_vary on;
    # gzip_proxied any;
    # gzip_comp_level 6;
    # gzip_buffers 16 8k;
    # gzip_http_version 1.1;
    # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;

    ##
    # Virtual Host Configs
    ##

    include /etc/nginx/conf.d/*.conf;
    include /etc/nginx/sites-enabled/*;

set_real_ip_from 103.21.244.0/22;
set_real_ip_from 103.22.200.0/22;
set_real_ip_from 103.31.4.0/22;
set_real_ip_from 104.16.0.0/12;
set_real_ip_from 108.162.192.0/18;
set_real_ip_from 131.0.72.0/22;
set_real_ip_from 141.101.64.0/18;
set_real_ip_from 162.158.0.0/15;
set_real_ip_from 172.64.0.0/13;
set_real_ip_from 173.245.48.0/20;
set_real_ip_from 188.114.96.0/20;
set_real_ip_from 190.93.240.0/20;
set_real_ip_from 197.234.240.0/22;
set_real_ip_from 198.41.128.0/17;
set_real_ip_from 2400:cb00::/32;
set_real_ip_from 2606:4700::/32;
set_real_ip_from 2803:f800::/32;
set_real_ip_from 2405:b500::/32;
set_real_ip_from 2405:8100::/32;
set_real_ip_from 2c0f:f248::/32;
set_real_ip_from 2a06:98c0::/29;
real_ip_header CF-Connecting-IP;

server {
    if ($remote_addr = 1.2.3.4) {
        rewrite ^ http://www.website.com/noscrape.htm;
    }
}

}

This is my nginx site conf:

server {
    listen       80;
    server_name  bla.com;

    location / {
        proxy_pass http://bla.com:80;
    access_log off;
#            proxy_cache            STATIC;
#            proxy_cache_valid      200  1d;
#            proxy_cache_use_stale  error timeout invalid_header updating
#                                   http_500 http_502 http_503 http_504;
client_max_body_size 20M;

    }

}

Any ideas how I can do that, or is it not possible because of cloudflare?

177
0 + 0
Richard Smith avatar
jp flag
Richard Smith
You seem to have added a redundant `server` block. The `if` statement needs to be **inside** the `server` block that handles the request, presumably `bla.com`.
0
Reply
gr flag
micebutt
Thank you Richard, that was the problem! It works now!
0
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.