I have an Ngnix server hosted on Google Cloud - Compute engine. I'm creating a public IP for this. However I want to allow requests from few IP addresses only which means I want to allow only few applications to send requests to my Nginx. How can I do this.
In short I want to whitelist few IP addresses to access my Ngnix hosted on Compute Engine. If any one is aware of this, do let me know.
Generally you're best using your cloud service firewalls, as that way traffic you want to reject never makes it to your server. If it makes it to your server it takes up resources to reject, and if you're not fully patched it increases the chance your server is compromised.
I don't know much about Google Cloud, but a search brings up Google Cloud VPC Firewall Rules.
Google Cloud firewall rules let you allow or deny traffic to and from your virtual machine (VM) instances based on a configuration that you specify. Enabled Google Cloud firewall rules are always enforced, protecting your instances regardless of their configuration and operating system, even if they have not started up.
Every Virtual Private Cloud (VPC) network functions as a distributed firewall. While firewall rules are defined at the network level, connections are allowed or denied on a per-instance basis. You can think of the Google Cloud firewall rules as existing not only between your instances and other networks, but also between individual instances within the same network.
Use allow/deny in your configuration file - assuming you have the ngx_http_access_module (unusual if you don't)
server {
# usual stuff here
location / {
# list of allowed IP's
allow 1.2.3.4;
allow 5.6.7.8;
# deny anything else
deny all;
# usual stuff here
}
}
