Varnish 3 – Block ip addresses

To block ip addresses with Varnish edit the following file:

sudo nano /etc/varnish/default.vcl

And add the following. Of course replace the example ip addresses with the real ips you want to block.

acl forbidden {
"111.11.111.111";
"123.12.123.123";
"456.123.12.72";
}

sub vcl_recv {
# Block access from these ips
if (client.ip ~ forbidden) {
error 403 "Forbidden";
}
}

After editing, execute:

sudo service varnish restart

This entry was posted by Pieter Vogelaar on November 23, 2012 at 12:20, and is filed under Ubuntu. Follow any responses to this post through RSS 2.0.You can leave a response or trackback from your own site.

Comments (3)
Related Posts
About Pieter Vogelaar

#1 written by Jeroen Schouten 9 years ago

Lol, found your blog again through Google!

Reply Quote
#2 written by Jeroen Schouten 9 years ago

If you want to block access to a list of ips you can use the /24 mask:

acl forbidden {
"192.168.0.0"/24;
}

source: http://serverfault.com/questions/235841/how-do-i-block-an-ip-address-or-network-block-with-varnish-vcl

Reply Quote
- #3 written by Pieter Vogelaar 9 years ago
  
  Thanks for your input!
  
  Reply Quote
Type your comment

You may use these HTML tags: <a> <abbr> <acronym> <b> <blockquote> <cite> <code> <del> <em> <i> <q> <strike> <strong>
Comment Feed for this Post

Go to Top

Varnish 3 – Block ip addresses

About Pieter Vogelaar (60 posts)

Public Github activity

Categories

Sponsor

Recent Posts