Restrict access to admin area by IP

Discussion in 'Setting-up protection' started by leelbog1, Mar 14, 2014.

  1. leelbog1

    leelbog1 aMember Pro Customer

    Joined:
    Nov 9, 2012
    Messages:
    17
    Hello there,

    I would like to restrict access to admin area by IPs. I use Nginx web server and this is my config file:
    Code:
    server {
            listen 80;
     
            root /var/www/mysite/html;
            index index.html index.htm index.php;
     
            server_name .mysite.com;
            server_tokens off;
            client_max_body_size 100m;
            rewrite_log on;
            access_log /var/www/mysite/access.log combined;
            error_log /var/www/mysite/error.log warn;
     
           location ~* ^/members/.*\.(js|ico|gif|jpg|png|css|swf|csv)$ {}
           location ~* ^/members/setup/index.php$ { try_files not-existing-file @php; }
           location ~* ^/members/js.php { try_files not-exiting-file @php; }
           location ~* ^/members/index.php$ { try_files not-existing-file @php; }
           location ~* ^/members/public.php$ { try_files not-existing-file @php; }
     
           location ~* ^/members/public { rewrite ^.*$ /members/public.php; }
           location ~* ^/members/setup { rewrite ^.*$ /members/setup/index.php; }
           location ~* ^/members { rewrite ^.*$ /members/index.php; }
     
            location / {
                    try_files $uri $uri/ /index.php?$args;
            }
            location ~ \.php$ {
                    try_files $uri =404;
                    include fastcgi_params;
                    fastcgi_pass unix:/var/run/php5-fpm.sock;
                    fastcgi_index index.php;
                    fastcgi_hide_header X-Powered-By;
                    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            }
     
            location @php {
                    fastcgi_split_path_info ^(.+\.php)(/.+)$;
                    fastcgi_pass unix:/var/run/php5-fpm.sock;
                    fastcgi_index index.php;
                    fastcgi_hide_header X-Powered-By;
                    include fastcgi_params;
            }
     
    # ... other options like SSL, PhpMyAdmin, etc.
    }
    

    Can someone point me in the right direction please? I tried placing the following before any location block but it did not work:
    Code:
            location ~* ^/members/(admin|admin-users) {
                   allow my.ip.address;
                   deny all;
            }
    
    Thank you for your help.
  2. ascend

    ascend New Member

    Joined:
    Nov 12, 2008
    Messages:
    1
    Add this code to your site.php file replacing YOUR IP ADDRESS with the IP address you want to allow access

    PHP:
    //Restrict Amember Admin by IP address
    class Am_Controller_CheckIp extends Zend_Controller_Plugin_Abstract
    {
        public function 
    preDispatch(Zend_Controller_Request_Abstract $request)
        {
            if (
    stripos($this->getRequest()->getControllerName(), 'admin')===0)
            {
                if (
    $_SERVER['REMOTE_ADDR']!='YOUR IP ADDRESS') die('Access Denied');
            }
        }
    }
    Zend_Controller_Front::getInstance()->registerPlugin(new Am_Controller_CheckIp500);

Share This Page