Topic: Restrict access to iredadmin NGINX
==== Required information ====
- iRedMail version (check /etc/iredmail-release): 0.9.4
- Linux/BSD distribution name and version: deb 8
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx): NGINX
- Manage mail accounts with iRedAdmin-Pro? Yes
- Related log if you're reporting an issue:
====
I want to restrict access to iredadmin to certain ip-addresses. This is how I solved it so far. Is there a more preferred way to achieve this or is this a solid solution?
Se below:
/etc/nginx/templates/iredadmin.tmpl
...
# Python scripts
location ~ ^/iredadmin(.*) {
rewrite ^/iredadmin(/.*)$ $1 break;
include uwsgi_params;
uwsgi_pass unix:/var/run/uwsgi_iredadmin.socket;
uwsgi_param UWSGI_CHDIR /opt/www/iredadmin;
uwsgi_param UWSGI_SCRIPT iredadmin;
uwsgi_param SCRIPT_NAME /iredadmin;
# Restrict iredadmin
allow 111.111.111.111; # static ip
allow 192.168.1.0/24; # ip range
allow 127.0.0.1;
deny all;
}
....
----
Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.