How to Restrict access to the Admin panel without deactivating it

EDIT from ljf: This howto is not enough to secure this part. The YunoHost admin uses an API, so you need to protect this API too (path of the API: /yunohost/api/).

Hi guys,

If you would like to restrict the access to the administration panel but also to keep the possibility of connecting to it, it’s quite easy.

Just edit /etc/nginx/conf.d/yunohost_admin.conf.inc

You’ll see something like that :smile:

location /yunohost/admin {
    alias /usr/share/yunohost/admin/;
    default_type text/html;
    index index.html;
    deny all;
}

Just add the internal and external IPs that should be able to connect

location /yunohost/admin {
    alias /usr/share/yunohost/admin/;
    default_type text/html;
    index index.html;
    allow 192.168.1.XXX;
    allow XXX.XXX.XXX.XXX;
    deny all;
}

Don’t forget to reload the nginx conf and it should work

sudo service nginx reload

Have fun !

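ljf's note at the top says the admin page calls an API under /yunohost/api/ that needs the same restriction. The check below is an added example, not code from this thread or from the YunoHost project: it parses nginx location blocks and reports whether both paths end in `deny all;` with the same allowlist. The sample configs and addresses are constructed, and it only reads allow/deny rules written directly inside each block.

```python
import re

# The two paths named on this page: the admin UI and the API it calls.
REQUIRED = ("/yunohost/admin", "/yunohost/api/")

def location_blocks(conf):
    """Map each `location <path> {` to its brace-matched body text."""
    conf = re.sub(r"#[^\n]*", "", conf)  # drop comments first
    blocks = {}
    for m in re.finditer(r"\blocation\s+(?:[=~^*]+\s+)?(\S+)\s*\{", conf):
        depth, i = 1, m.end()
        while i < len(conf) and depth:
            depth += {"{": 1, "}": -1}.get(conf[i], 0)
            i += 1
        blocks[m.group(1)] = conf[m.end():i - 1]
    return blocks

def access_rules(body):
    """Ordered (action, value) pairs; nginx stops at the first matching rule."""
    return re.findall(r"\b(allow|deny)\s+([^;\s]+)\s*;", body)

def audit(conf):
    """Return {path: problem} for every required path that is not allowlisted."""
    blocks, problems, allowed = location_blocks(conf), {}, {}
    for path in REQUIRED:
        rules = access_rules(blocks.get(path, ""))
        allowed[path] = {v for a, v in rules if a == "allow"}
        if path not in blocks:
            problems[path] = "no location block found"
        elif not rules or rules[-1] != ("deny", "all"):
            problems[path] = "rules do not end with 'deny all;'"
        elif "all" in allowed[path]:
            problems[path] = "'allow all;' defeats the allowlist"
    if not problems and len({frozenset(s) for s in allowed.values()}) > 1:
        problems["*"] = "admin and API allow different addresses"
    return problems

# Constructed sample configs; the addresses are documentation placeholders.
RULES = "    allow 192.168.1.10;\n    allow 203.0.113.5;\n    deny all;\n"
ADMIN = "location /yunohost/admin {\n    alias /usr/share/yunohost/admin/;\n" + RULES + "}\n"
API_OPEN = "location /yunohost/api/ {\n    # existing directives\n}\n"
API_LOCKED = API_OPEN.replace("}", RULES + "}")

if __name__ == "__main__":
    print("admin only: ", audit(ADMIN + API_OPEN))
    print("admin + api:", audit(ADMIN + API_LOCKED))
```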

Thanks for the tip @Novakin !

Hi Novakin;

I try to do this kind of restriction but the SSO
do you think it’s feasible ?

Actually; I found exactly what I was trying to do here :slight_smile:
https://yunohost.org/#/torhiddenservice
which was : Avoid SSO redirection (optional)