jiazhizhong/higress
1
0
Fork 0
mirror of https://github.com/alibaba/higress.git synced 2026-03-02 23:51:11 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
9a0cf9b7629bff8b896371cff5af02027d7eac63
higress/plugins/wasm-go/extensions/ip-restriction/README_EN.md
澄潭 c7c4ae1da2 update plugins doc (#1305)
2024-09-12 21:48:40 +08:00

38 lines
1.7 KiB
Markdown
Raw Blame History

---
title: IP Access Restriction
keywords: [higress, ip restriction]
description: IP access restriction plugin configuration reference
---
## Function Description
The `ip-restriction` plugin can restrict access to services or routes by whitelisting or blacklisting IP addresses. It supports restrictions on a single IP address, multiple IP addresses, and CIDR ranges like 10.10.10.0/24.
## Running Attributes
Plugin execution phase: `Authentication Phase`
Plugin execution priority: `210`
## Configuration Description
| Configuration Item | Type | Required | Default Value | Description |
|---------------------|---------|----------|---------------------------------|---------------------------------------------|
| ip_source_type | string | No | origin-source | Optional values: 1. Peer socket IP: `origin-source`; 2. Get from header: `header` |
| ip_header_name | string | No | x-forwarded-for | When `ip_source_type` is `header`, specify the custom IP source header |
| allow | array | No | [] | Whitelist |
| deny | array | No | [] | Blacklist |
| status | int | No | 403 | HTTP status code when access is denied |
| message | string | No | Your IP address is blocked. | Return message when access is denied |
```yaml
ip_source_type: origin-source
allow:
- 10.0.0.1
- 192.168.0.0/16
```
```yaml
ip_source_type: header
ip_header_name: x-real-iP
deny:
- 10.0.0.1
- 192.169.0.0/16
```
Reference in New Issue View Git Blame Copy Permalink