nbs-system / naxsi

NAXSI is an open-source, high performance, low rules maintenance WAF for NGINX
GNU General Public License v3.0
4.8k stars 606 forks source link

Whitelisting a IP subnet or multiple IP addresses #471

Closed tjosm closed 5 years ago

tjosm commented 5 years ago

I recently had some trouble with PayPal IPN. Although I have written some white-list rules, I want to make sure that any request from PayPal gets through.

I have a few IP addresses. And I came up with this code from Naxsi wiki, if ($remote_addr = "173.0.81.1") { set $naxsi_flag_learning 1; } This goes just above my main location block. What I want to do now is add multiple IP addresses. Can I add a comma separated list? Is a subnet like 173.0.81.0/24 supported?

Thanks in advance.

fernandomariano commented 5 years ago

Hi @tjosm.

I think you can try using map directive: http://nginx.org/en/docs/http/ngx_http_map_module.html

buixor commented 5 years ago

@tjosm : if it's good, can you close issue ?