You can set IP addresses allowed to Login to your admin portal in Settings→Security Settings → Security Settings → Admin Area Allowed IPs.
If you'd like to go further, and block unwanted IP addresses on web-server level, you can do so by updating nginx config files.
...
2. Create file /etc/nginx/hostbill_phpfpm, add the following contents content to it:
Code Block |
---|
location ~ \..*/.*\.php$ {return 403;}
include /etc/nginx/fastcgi_params;
#When https is enabled, make sure to uncomment line below
#fastcgi_param HTTPS 'on';
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_hide_header "X-Powered-By";
fastcgi_buffers 16 16k;
fastcgi_buffer_size 32k; |
...
Replace its contents with following:
Code Block language text location @seohburl { rewrite ^/(.+)$ /index.php?/$1 last; } location ^~ /admin { allow 1.2.3.4; allow 192.168.0.0/24; deny all; alias /home/hostbill/public_html/admin/; index index.php; location ~ \.php$ { include /etc/nginx/hostbill_phpfpm; } } location ^~ / { alias /home/hostbill/public_html/; index index.php; try_files $uri $uri/ @seohburl; location ~ \.php$ { include /etc/nginx/hostbill_phpfpm; } }
- Make Make sure to change /admin to other folder name, if you have changed your admin folder
- Add each allowed IP / CIDR subnet in new "allow X.X.X.X" block
- Save changes
...