IP address restrictions in .htaccess do not work properly if nginx is enabled

Created:

2016-11-16 13:10:01 UTC

Modified:

2017-08-16 17:24:26 UTC

0

Was this article helpful?


Have more questions?

Submit a request

IP address restrictions in .htaccess do not work properly if nginx is enabled

Applicable to:

  • Plesk 11.x for Linux

Symptoms

IP access restrictions specified in the .htaccess file do not work properly if the nginx reverse proxy server is enabled. This may cause the following outcomes:

  1. If .htaccess denies access to everyone but selected addresses, error 403 is always displayed.

  2. If .htaccess denies access only to specific IP addresses/networks, visitors from these IPs still can access the website.

Resolution

Since Plesk 11.5, it is possible to customize web server settings for each domain using the Web Server Settings button (permission Hosting management should be enabled on the subscription). Among available settings are IP/network restrictions.

There is no solution for Plesk 11.0 except manually modifying the global nginx configuration file.

Cause

nginx proxies requests to Apache via the "rpaf" module so that in Apache logs, we see the real IP of a site visitor. But in fact, the connection between nginx and Apache is established using local server IP addresses, and Apache applies IP restrictions to local IP addresses.

Have more questions? Submit a request
Please sign in to leave a comment.