How to restrict access to the admin panel for external IPs?

K

KIN19912015-06-01 13:23:58

Django

KIN1991, 2015-06-01 13:23:58

Question on a subject.
tried like this:

location ^~ /admin/ {
                proxy_pass http://localhost:8000/;
                proxy_set_header Host $http_host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

                deny all;
                allow 192.168.111.0/24;
                allow 172.16.0.0/24;

        }

But because of this, he constantly redirects to the main page of the site

Reply

Answer the question

In order to leave comments, you need to log in

3 answer(s)

S

Softer, 2015-06-01
@KIN1991

But because of this, he constantly redirects to the main page of the site

Maybe that will help? :) (attention to the trailing slash)
If deny all doesn't work, then either the request doesn't get into the location or there is 1 more reverse proxy in front and the reception of the real address through the headers (real_ip_header/set_real_ip_from) is not configured.

V

Vladislav Bushuev, 2015-06-01
@redstar

location ^~ /admin/ {
                proxy_pass http://localhost:8000/;
                proxy_set_header Host $http_host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

                allow 192.168.111.0/24;
                allow 172.16.0.0/24;
                deny all;

        }

Alternatively, try it.

S

sim3x, 2015-06-01
@sim3x

It's better to keep outsiders out of the python code
nginx.org/en/docs/http/ngx_http_auth_basic_module.html

location /admin {
    auth_basic           "closed site";
    auth_basic_user_file conf/htpasswd;
}