We are happy to announce that Vesta is back under active development as of 25 February 2024. We are working on v1 candidate and expect to engage more with the community over the coming months. We are committed to open source, and we encourage contributors to help us build the future of Vesta.
How to restrict access to VestaCP ip
How to restrict access to VestaCP ip
Hello, lets say we install VestaCP on server ip 1.1.1.1 when the installation is done if someone put into his browser 1.1.1.1 he see a message of the hostname of the server. How to remove this screen or restrict access by someone accessing the main ip of the server? Thanks in advance..
Re: How to restrict access to VestaCP ip
Pretty simple - /etc/nginx/conf.d/your-ip.conf
Code: Select all
server {
listen your-ip:80 default;
server_name _;
#access_log /var/log/nginx/your-ip.log main;
#location / {
# proxy_pass http://your-ip:8080;
#}
access_log /dev/null;
error_log /dev/null;
return 444;
}
Re: How to restrict access to VestaCP ip
skurudo if you add this code the phpmyadmin is not then access by http://your-ip/phpmyadmin/
Any way to exclude the phpmyadmin?
Thanks for the answer.
Any way to exclude the phpmyadmin?
Thanks for the answer.
Re: How to restrict access to VestaCP ip
I think about this code:sysadminn wrote:skurudo if you add this code the phpmyadmin is not then access by http://your-ip/phpmyadmin/
Any way to exclude the phpmyadmin?
Code: Select all
server {
listen your-ip:80 default;
server_name _;
location / {
access_log /dev/null;
error_log /dev/null;
return 444;
}
location /phpmyadmin/ {
proxy_pass http://your-ip:8080;
}
}
Re: How to restrict access to VestaCP ip
A little update with webmail:
Code: Select all
server {
listen ip:80 default;
server_name _;
location / {
access_log /dev/null;
error_log /dev/null;
return 444;
}
location /phpmyadmin/ {
proxy_pass http://ip:8080;
}
location /webmail/ {
proxy_pass http://ip:8080;
}
}
Re: How to restrict access to VestaCP ip
File for edit /etc/nginx/conf.d/your-ip.conf
for http:
for https
In ssl_certificate and ssl_certificate_key better use real certificate path
for http:
Code: Select all
server {
listen ip:80 default;
server_name _;
location / {
access_log /dev/null;
error_log /dev/null;
return 444;
}
location /phpmyadmin/ {
proxy_pass http://ip:8080;
}
location /webmail/ {
proxy_pass http://ip:8080;
}
}
Code: Select all
server {
listen ip:443;
server_name _;
ssl on;
ssl_certificate /home/user/conf/web/ssl.domain.ru.pem;
ssl_certificate_key /home/admin/conf/web/ssl.domain.ru.key;
access_log /dev/null;
error_log /dev/null;
return 444;
location /phpmyadmin/ {
proxy_pass http://ip:8080;
}
location /webmail/ {
proxy_pass http://ip:8080;
}
}