How to Restrict access to the Admin panel without desactivating it

EDIT from ljf: This howto is not enough to secure this part. The Yunohost admin use an api, so you need to protect this api too (path of the api /yunohost/api/ )

Hi guys,

If you would like to restrict the access to the administration panel but also to keep the possibility of connecting to it, it’s quite easy.

just edit /etc/nginx/conf.d/

You’ll see something like that :smile:

location /yunohost/admin {
alias /usr/share/yunohost/admin/;
default_type text/html;
index index.html;
deny all;}

Just add the internal and external IPs that should be able to connect

location /yunohost/admin {
    alias /usr/share/yunohost/admin/;
    default_type text/html;
    index index.html;
    allow 192.168.1.XXX;
    allow XXX.XXX.XXX.XXX;
    deny all;

Don’t forget to reload the nginx conf and it should work

sudo service nginx reload

Have fun !

1 Like

Thanks for the tip @Novakin !

Hi Novakin;

I try to do this kind of restriction but the SSO
do you think it’s faisible ?

Actually; I found exactly what I was trying to do here :slight_smile:
which was : Avoid SSO redirection (optional)