How to prevent IP's from access website using ModxCloud?

17 Posts

smorris Reply #1, 5 years, 2 months ago

I know there is a NGINX rewrite that only allows / denies IP's to accessing folders like the manager. However I can't seem to get it to work on the entire site.

location /manager/ {
    allow 10.10.10.192;
    deny all;
}

Is there a way to prevent ANYONE outside of a designated IP from accessing the website.

My scenario is: I am opening up a website for testing internally and do not want to provide user names for EVERY person. Any help will be appreciated.

Tink!

185 Posts

Anton Tarasov Reply #2, 5 years, 1 month ago

Hi,
Did you manage that?
So next code doesn't work for you,right?

location / {
    allow 192.168.1.1/24;
    allow 127.0.0.1;
    deny all;
}

If so this is weird and have to be checked. Anyway MODXCloud has good support guys, Jay or someone other will help for sure.

Alternatively I believe you can also try nginx authorization:

location / {
    auth_basic "Restricted";
    auth_basic_user_file /c0xxx/home/.htpasswd;
    try_files $uri $uri/ @modx-rewrite;
}

Here is examples now NGINX can be configured for MODXCLOUD: https://support.modx.com/hc/en-us/articles/217295387-Nginx-Web-Rules-Rewrites

Anton Tarasov
MODX Developer

Email: [email protected]
Web: antontarasov.com

17 Posts

smorris Reply #3, 5 years, 1 month ago

Yeah it provides an error on ModxCloud? I would assume that would work too.

There was an error with your rewrite rules. Please check the syntax and make sure you've entered them correctly. Errors: nginx: [emerg] duplicate location "/" in 39162.temp.conf:110 nginx: configuration file 39162.temp.conf test failed

I will look into the authorization rewrite. I didn't want to provide a user and password for everyone involved in testing. Will I have to with that method?

Tink!