Hello there, I would like to restrict access to admin area by IPs. I use Nginx web server and this is my config file: Code: server { listen 80; root /var/www/mysite/html; index index.html index.htm index.php; server_name .mysite.com; server_tokens off; client_max_body_size 100m; rewrite_log on; access_log /var/www/mysite/access.log combined; error_log /var/www/mysite/error.log warn; location ~* ^/members/.*\.(js|ico|gif|jpg|png|css|swf|csv)$ {} location ~* ^/members/setup/index.php$ { try_files not-existing-file @php; } location ~* ^/members/js.php { try_files not-exiting-file @php; } location ~* ^/members/index.php$ { try_files not-existing-file @php; } location ~* ^/members/public.php$ { try_files not-existing-file @php; } location ~* ^/members/public { rewrite ^.*$ /members/public.php; } location ~* ^/members/setup { rewrite ^.*$ /members/setup/index.php; } location ~* ^/members { rewrite ^.*$ /members/index.php; } location / { try_files $uri $uri/ /index.php?$args; } location ~ \.php$ { try_files $uri =404; include fastcgi_params; fastcgi_pass unix:/var/run/php5-fpm.sock; fastcgi_index index.php; fastcgi_hide_header X-Powered-By; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; } location @php { fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_pass unix:/var/run/php5-fpm.sock; fastcgi_index index.php; fastcgi_hide_header X-Powered-By; include fastcgi_params; } # ... other options like SSL, PhpMyAdmin, etc. } Can someone point me in the right direction please? I tried placing the following before any location block but it did not work: Code: location ~* ^/members/(admin|admin-users) { allow my.ip.address; deny all; } Thank you for your help.
Add this code to your site.php file replacing YOUR IP ADDRESS with the IP address you want to allow access PHP: //Restrict Amember Admin by IP addressclass Am_Controller_CheckIp extends Zend_Controller_Plugin_Abstract{ public function preDispatch(Zend_Controller_Request_Abstract $request) { if (stripos($this->getRequest()->getControllerName(), 'admin')===0) { if ($_SERVER['REMOTE_ADDR']!='YOUR IP ADDRESS') die('Access Denied'); } }}Zend_Controller_Front::getInstance()->registerPlugin(new Am_Controller_CheckIp, 500);
How can I protect my admin page (that's on a local server) to be accessed only from a local workstation? We're using Cloudflare as DNS provider. When I lookup the admin access log I see Cloudflare DNS server's IP address, not either our external IP address nor my local IP address. Adding the above script to site.php doesn't work. And if I would add Cloudflare's IP address, then I have to add all their IP addresses as sometimes the DNS servers round robin...