🚫 Block VPNs, Tor & Proxies with Nginx using MyIP.casa (in 5 minutes)

🛡️ Security  ·  Nginx  ·  5 min guide

🚫 Block VPNs, Tor & Proxies with Nginx using MyIP.casa

📅 March 28, 2026  ·  ~5 min read

Allowing only "clean" users on your infrastructure is a real challenge. Whether you're trying to prevent spam, fraud, or large-scale scraping, filtering traffic from VPNs, proxies, or datacenter IPs is your first line of defense.

In this guide, you'll learn how to integrate the MyIP.casa API directly into your Nginx configuration to block unwanted traffic in minutes.

1

🔧 Understanding auth_request

Nginx provides a powerful module called ngx_http_auth_request_module. It allows you to send a subrequest to an internal API before granting access to your application.

✅  If the API returns 200 → access is allowed
❌  If the API returns 403 → access is denied

This makes it perfect for real-time IP filtering.

2

🧠 Create a filtering microservice

Since you already have access to MyIP.casa Pro, you can build a simple endpoint that checks whether an IP is a VPN or not.

● ● ●   Python / Flask
@app.route("/check-access")
def check_access():
    ip = request.headers.get("X-Real-IP")

    # Query MyIP.casa intelligence (or your cache)
    is_vpn = get_vpn_status(ip)

    if is_vpn:
        return "Forbidden", 403
    return "OK", 200
In production, you should:
•  Cache results (Redis recommended)
•  Avoid calling the API on every request
3

⚙️ Configure Nginx

Add the following to your Nginx site file (e.g. /etc/nginx/sites-available/default):

● ● ●   Nginx — sites-available/default
server {
    listen 80;
    server_name your-site.com;

    location / {
        auth_request /validate-ip;
        proxy_pass http://your_real_backend;
    }

    location = /validate-ip {
        internal;
        proxy_pass https://your-internal-api/check-access;
        proxy_pass_request_body off;
        proxy_set_header Content-Length "";
        proxy_set_header X-Real-IP $remote_addr;
    }

    error_page 403 = @blocked;
    location @blocked {
        return 403 "Access denied: VPN/proxy not allowed.";
    }
}
4

⚡ Why caching is critical

Querying an API on every HTTP request will slow down your application. Cache the decision for 24 hours using:

• Redis  • In-memory cache  • lua_shared_dict (OpenResty)

🚀 Better performance 💰 Lower API usage 🔒 Stable security

✅ Conclusion

By combining the accuracy of MyIP.casa Pro with the flexibility of Nginx, you can enforce perimeter security automatically without impacting legitimate users. It's fast, scalable, and production-ready.

💡 Pro tip — Start with a trial key and upgrade to Pro when ready to deploy at scale.
● ● ●   cURL
curl -H "X-API-Key: YOUR_API_KEY" https://myip.casa/api/pro/details

🚀 Start filtering VPNs in minutes

Get your free API key and secure your infrastructure today.

Get API Key →

Commentaires

Enregistrer un commentaire

Posts les plus consultés de ce blog

Check Open Ports Instantly (No CLI Required)

What Are Network Ports & Why Test Them? Every internet service (web, mail, VPN, gaming, remote desktop) listens on a   TCP or UDP port . Open ports are gateways into your device: they allow legitimate traffic but also create potential attack vectors if misconfigured. Security   Unwanted open ports expose services (e.g. outdated FTP or SSH). Troubleshooting   Detect blocked ports causing connection issues. Compliance   Many standards (PCI-DSS, SOC 2) require regular port audits. Quick Online Methods (No Installation) 1) Browser-Based Port Scanners Online scanners probe your public IP from the outside. They’re ideal for confirming whether your router port forwarding or firewall rules work. Input   IP or hostname + port(s) Output   Status: OPEN / CLOSED / FILTERED 2) Online Multi-Port Sweep Want to quickly test your open ports? Try the tool below: Run the myIP Port Checker 🔍 Command-Line Port Testing 1) nc (Netcat) Cross-Platform Favorite # Linux / macOS ...
Lire la suite

🔎 SSL Certificate Decoder: How to Read and Analyze Any Certificate

Image
🔐 Security  ·  SSL/TLS  ·  5 min guide 🔎 SSL Certificate Decoder: How to Read and Analyze Any Certificate 📅 May 1, 2026  ·  ~5 min read SSL certificates are essential for HTTPS security, but their raw format is difficult to read. If you have ever opened a certificate file and seen a long block starting with -----BEGIN CERTIFICATE----- , you know it is not designed for humans. In this guide, you will learn how to decode an SSL certificate, understand its key fields, and quickly detect common configuration issues using a free online certificate decoder. 1 🧠 What is an SSL certificate? An SSL certificate is a digital file used to secure HTTPS connections. It proves that a website owns a cryptographic public key and helps browsers verify the identity of the server. Most modern certificates follow the X.509 standard . They include structured information such as:...
Lire la suite