You can restrict access to certain parts of your website using Nginx’s inbuilt authentication and authorization mechanism based either on your client’s I.P, by prompting for a login prompt or both.
A sample I.P. based authorization configuration would be like:
location /private/ { allow 192.168.1.1/24; allow 172.16.0.1/16; allow 127.0.0.1; deny all; }