This is my way of keeping out unwanted visitors from accessing my PimpMyLog [1] instance — using CloudFlare and ordinary nginx directives. A temporary solution as potsky is already working on a final solution [2].

map $http_cf_ipcountry $allow {
        default no;
        DK yes; # Set this to match your country (default is Denmark)

And to get it all working we add this in the server block:

location /LocationForPimpMyLog/ {
    log_not_found off; # I do not need this for PimpMyLog
    access_log off; # see above

    # Return 403 if GEO mismatch is found
    if ($allow = no) {
        return 403;

    allow; # Change this to your IP (or range)
    deny all;
    # the end

That’s it


1. PimpMyLog on GitHub
2. Anonymous access #76