How to restrict access to VestaCP ip

sysadminn · Post by **sysadminn** » Fri Jan 01, 2016 5:29 pm

Hello, lets say we install VestaCP on server ip 1.1.1.1 when the installation is done if someone put into his browser 1.1.1.1 he see a message of the hostname of the server. How to remove this screen or restrict access by someone accessing the main ip of the server? Thanks in advance..

Post by **skurudo** » Tue Jan 05, 2016 6:28 pm

Pretty simple - /etc/nginx/conf.d/your-ip.conf

Code: Select all

server {
    listen       your-ip:80 default;
    server_name  _;
    #access_log  /var/log/nginx/your-ip.log main;
    #location / {
    #    proxy_pass  http://your-ip:8080;
    #}
        access_log /dev/null;
        error_log /dev/null;
        return 444;
}

sysadminn · Post by **sysadminn** » Thu May 19, 2016 12:15 pm

skurudo if you add this code the phpmyadmin is not then access by http://your-ip/phpmyadmin/

Any way to exclude the phpmyadmin?

Thanks for the answer.

Post by **skurudo** » Thu May 19, 2016 1:01 pm

sysadminn wrote:skurudo if you add this code the phpmyadmin is not then access by http://your-ip/phpmyadmin/
Any way to exclude the phpmyadmin?

I think about this code:

Code: Select all

server {
    listen       your-ip:80 default;
    server_name  _;
        location / {
        access_log /dev/null;
        error_log /dev/null;
        return 444;
    }
        location /phpmyadmin/ {
        proxy_pass  http://your-ip:8080;
    }
}

Post by **skurudo** » Fri May 20, 2016 9:00 am

A little update with webmail:

Code: Select all

server {
    listen       ip:80 default;
    server_name  _;
        location / {
        access_log /dev/null;
        error_log /dev/null;
        return 444;
    }

        location /phpmyadmin/ {
        proxy_pass  http://ip:8080;
    }

        location /webmail/ {
        proxy_pass  http://ip:8080;
    }
}

Post by **skurudo** » Fri Mar 10, 2017 8:09 am

File for edit /etc/nginx/conf.d/your-ip.conf

for http:

Code: Select all

server {
    listen       ip:80 default;
    server_name  _;
        location / {
        access_log /dev/null;
        error_log /dev/null;
        return 444;
	}
	 
        location /phpmyadmin/ {
        proxy_pass  http://ip:8080;
        }

        location /webmail/ {
        proxy_pass  http://ip:8080;
        }
}

for https

Code: Select all

server {
    listen      ip:443;
    server_name _;
    ssl         on;
    ssl_certificate      /home/user/conf/web/ssl.domain.ru.pem;
    ssl_certificate_key  /home/admin/conf/web/ssl.domain.ru.key;
        access_log /dev/null;
        error_log /dev/null;
    return 444;
      
        location /phpmyadmin/ {
        proxy_pass  http://ip:8080;
        }

        location /webmail/ {
        proxy_pass  http://ip:8080;
        }
}

In ssl_certificate and ssl_certificate_key better use real certificate path

Vesta Control Panel - Forum