While setting up this site, I wanted to work on articles and tweak the design before actually launching to the public, so I needed a simple way to keep everybody else out until it was all ready to go. So I used the nginx access control feature to accomplish it.

It would have been more secure to setup nginx HTTP Auth instead, and prompt for a username and password, and that would have also allowed me to more easily use my mobile devices to access the site. But if you’ve ever used HTTP auth you know that it’s extremely annoying, especially on mobile, to have to enter your credentials all the time.

So instead, I used a simple IP address allow rule for my office IP, and blocked everything else.

Open up your nginx.conf file (or whichever nginx configuration file you are using for your particular site) and add the following to either your server block or a specific location block, depending on how granular you want to get with the block.

To allow a range of IPs:


Or to allow only a single IP:


And then below that, to block everybody else:

deny all;

So you’ll end up with a server or location block that looks something like this:

server {
  listen  80;

  deny all;

It’s really about as simple as that. Now you’ll want to reload your nginx server, which you can do with this command for Ubuntu or Debian servers:

service nginx reload

Or you can directly reload using the nginx executable, assuming it’s located in the same place as mine (adjust the path otherwise)

/usr/local/nginx/sbin/nginx -s reload

The -s argument tells nginx you are going to send a “signal” and that signal is “reload”, which gracefully reloads the server without causing lots of problems.

Profile Photo for Lowell Heddings Lowell Heddings
Lowell is the founder and CEO of How-To Geek. He’s been running the show since creating the site back in 2006. Over the last decade, Lowell has personally written more than 1000 articles which have been viewed by over 250 million people. Prior to starting How-To Geek, Lowell spent 15 years working in IT doing consulting, cybersecurity, database management, and programming work.
Read Full Bio »