Page 1 of 1
How to restrict access to VestaCP ip
Posted: Fri Jan 01, 2016 5:29 pm
by sysadminn
Hello, lets say we install VestaCP on server ip 1.1.1.1 when the installation is done if someone put into his browser 1.1.1.1 he see a message of the hostname of the server. How to remove this screen or restrict access by someone accessing the main ip of the server? Thanks in advance..
Re: How to restrict access to VestaCP ip
Posted: Tue Jan 05, 2016 6:28 pm
by skurudo
Pretty simple - /etc/nginx/conf.d/your-ip.conf
Code: Select all
server {
listen your-ip:80 default;
server_name _;
#access_log /var/log/nginx/your-ip.log main;
#location / {
# proxy_pass http://your-ip:8080;
#}
access_log /dev/null;
error_log /dev/null;
return 444;
}
Re: How to restrict access to VestaCP ip
Posted: Thu May 19, 2016 12:15 pm
by sysadminn
skurudo if you add this code the phpmyadmin is not then access by
http://your-ip/phpmyadmin/
Any way to exclude the phpmyadmin?
Thanks for the answer.
Re: How to restrict access to VestaCP ip
Posted: Thu May 19, 2016 1:01 pm
by skurudo
sysadminn wrote:skurudo if you add this code the phpmyadmin is not then access by
http://your-ip/phpmyadmin/
Any way to exclude the phpmyadmin?
I think about this code:
Code: Select all
server {
listen your-ip:80 default;
server_name _;
location / {
access_log /dev/null;
error_log /dev/null;
return 444;
}
location /phpmyadmin/ {
proxy_pass http://your-ip:8080;
}
}
Re: How to restrict access to VestaCP ip
Posted: Fri May 20, 2016 9:00 am
by skurudo
A little update with webmail:
Code: Select all
server {
listen ip:80 default;
server_name _;
location / {
access_log /dev/null;
error_log /dev/null;
return 444;
}
location /phpmyadmin/ {
proxy_pass http://ip:8080;
}
location /webmail/ {
proxy_pass http://ip:8080;
}
}
Re: How to restrict access to VestaCP ip
Posted: Fri Mar 10, 2017 8:09 am
by skurudo
File for edit /etc/nginx/conf.d/your-ip.conf
for http:
Code: Select all
server {
listen ip:80 default;
server_name _;
location / {
access_log /dev/null;
error_log /dev/null;
return 444;
}
location /phpmyadmin/ {
proxy_pass http://ip:8080;
}
location /webmail/ {
proxy_pass http://ip:8080;
}
}
for https
Code: Select all
server {
listen ip:443;
server_name _;
ssl on;
ssl_certificate /home/user/conf/web/ssl.domain.ru.pem;
ssl_certificate_key /home/admin/conf/web/ssl.domain.ru.key;
access_log /dev/null;
error_log /dev/null;
return 444;
location /phpmyadmin/ {
proxy_pass http://ip:8080;
}
location /webmail/ {
proxy_pass http://ip:8080;
}
}
In ssl_certificate and ssl_certificate_key better use real certificate path