// HETZNER / NGINX
Hetzner · Nginx
Nginx allow/deny config for Hetzner. Drop into your server block or http context. 686 CIDRs, refreshed daily.
// nginx_hetzner_allow.conf
# Hetzner IP Ranges # Updated: 2026-06-14 03:22:28 # Source: https://github.com/rezmoss/cloud-provider-ip-addresses # License: https://github.com/rezmoss/cloud-provider-ip-addresses/LICENSE # This file is generated automatically. Do not edit it directly. # Updates daily at 02:00 UTC # To restrict access to only these IPs in nginx, # add the following line to your server block in your nginx configuration file (e.g., /etc/nginx/nginx.conf or /etc/nginx/sites-available/default): # include /path/to/nginx_hetzner_allow.conf; allow 5.9.0.0/16; allow 5.75.128.0/17; allow 5.78.0.0/16; allow 5.78.8.0/21; allow 5.78.16.0/24; allow 5.78.17.0/24; allow 5.78.18.0/24; allow 5.78.19.0/24; allow 5.78.20.0/24; allow 5.78.21.0/24; allow 5.78.22.0/24; allow 5.78.23.0/24; allow 5.78.24.0/24; allow 5.78.25.0/24; allow 5.78.26.0/24; … (672 more lines)
// nginx_hetzner_deny.conf
# Hetzner IP Ranges # Updated: 2026-06-14 03:22:28 # Source: https://github.com/rezmoss/cloud-provider-ip-addresses # License: https://github.com/rezmoss/cloud-provider-ip-addresses/LICENSE # This file is generated automatically. Do not edit it directly. # Updates daily at 02:00 UTC # To deny access from these IPs in nginx, # add the following line to your server block in your nginx configuration file (e.g., /etc/nginx/nginx.conf or /etc/nginx/sites-available/default): # include /path/to/nginx_hetzner_deny.conf; deny 5.9.0.0/16; deny 5.75.128.0/17; deny 5.78.0.0/16; deny 5.78.8.0/21; deny 5.78.16.0/24; deny 5.78.17.0/24; deny 5.78.18.0/24; deny 5.78.19.0/24; deny 5.78.20.0/24; deny 5.78.21.0/24; deny 5.78.22.0/24; deny 5.78.23.0/24; deny 5.78.24.0/24; deny 5.78.25.0/24; deny 5.78.26.0/24; … (672 more lines)