Back to limesurvey.org

Welcome to the LimeSurvey Community Forum

Ask the community, share ideas, and connect with other LimeSurvey users!

How to filter acces to the administration area with nginx ?

  • orsayman
  • orsayman's Avatar Topic Author
  • Offline
  • Junior Member
  • Junior Member
More
4 years 2 weeks ago #211837 by orsayman
How to filter acces to the administration area with nginx ? was created by orsayman
Dear forum,

We have recently installed a new version of LimeSurvey with the semi-official docker and we would like to forgive access to the administration area from outside a given range of IP. I have found some links over the internet but nothing match our need (we don't want to rely on a plugin, we don't use apache, etc.).

We use a proxy based on nginx in front of the docker so we ended up using a rule that blocks any URL containing /admin (admin, admin/, index.php/admin, index.php/admin/anotherpage.php) for all IP excpet for the authorized IPs (in which case, it's passed unchanged). Something like:
Code:
location ~ /admin {
  allow IP1;
  allow IP2;
  deny all;
  proxy_pass https://my_host.tld$request_uri;
}

I'm not asking if the implementation is good (although if you have advice, you're welcome) but I would like to know: is the rule enough or should we block other URLs ? Of course if the rule is too strict, don't hesitate to tell me.

Thanks in advance,
Mathieu
The topic has been locked.
Moderators: holchtpartner

Lime-years ahead

Online-surveys for every purse and purpose

Pricing & Plans
Get started

Legal

About Us

Open Source