Deny webadmin from outside

Dams · November 29, 2020, 4:23pm

/

Hello

I have read that it’s possible to deny webadmin access from outside. Add the following lines to the ‘location’ section of those files /yunohost_admin.conf.inc & /etc/nginx/conf.d/yunohost_api.conf.inc

allow 192.168.0.0/24;
deny all;

But I might have misplaced them because nginx tells the config file are invalid. Does anyone have more details ?

Bonjour

J’ai lu qu’on pouvait restreindre l’accès à la webadmin au réseau local. Ajouter ces lignes à la section ‘location’ des fichiers /yunohost_admin.conf.inc & /etc/nginx/conf.d/yunohost_api.conf.inc

allow 192.168.0.0/24;
deny all;

Seulement j’ai du les positionner incorrectement parce que nginx indique que la configuration est invalide. Est-ce que quelqu’un connait la syntaxe exacte des fichiers ? Peut-être @metyun qui avait donné l’info dans un autre thread ?

Aleks · November 29, 2020, 4:52pm

Yes, you have the details since you’re saying nginx tells you the conf file is invalid ? So what does nginx -t returns ?

metyun · November 29, 2020, 6:47pm

Tu le positionnes comme ceci:

/etc/nginx/conf.d/yunohost_admin.conf.inc

location /yunohost/admin/ {
allow 192.168.0.0/24;
deny all;
etc...........

/etc/nginx/conf.d/ yunohost_api.conf.inc

location /yunohost/api/ {
allow 192.168.0.0/24;
deny all;
etc........

N’oublie pas d’adapter 192.168.0.0/24 à ta passerelle (ip route show pour la trouver).

Dams · November 29, 2020, 8:03pm

OK thanks @Aleks & @metyun. It works

I was just missing a semi-column
nginx: [emerg] invalid number of arguments in "allow" directive in /etc/nginx/conf.d/yunohost_api.conf.inc:4

system · December 14, 2020, 8:04pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.