Skip to content

Add IP based access lists #137

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
joeldevnull opened this issue May 6, 2019 · 9 comments
Closed

Add IP based access lists #137

joeldevnull opened this issue May 6, 2019 · 9 comments
Labels
enhancement

Comments

@joeldevnull
Copy link

joeldevnull commented May 6, 2019
edited
Loading

Hi,

Thanks for creating an awesome tool for managing nginx proxy configs.

Is it possible to consider adding IP based restrictions to the access lists? This is relatively simple to implement in nginx itself in the location block and can be mixed with the existing auth basic too, e.g:

location / {
    # Access List
    satisfy any;
    allow 10.0.0.0/16;
    allow 192.168.0.0/16;
    allow 172.0.0.1;
    deny 1.2.3.4;
    auth_basic            "Authorization required";
    auth_basic_user_file  /data/access/1;
    deny all;

    # Force SSL
    include conf.d/include/force-ssl.conf;

Thanks again!
@jeliasson
Copy link

Yes, this is the only thing I'm missing right now. Great tool!

@axipher
Copy link

axipher commented Jun 28, 2019

I would also love a feature like this so I don't have to install additional Dockers to handle access control, limit external access to certain IP's and even limit internal network traffic as well.

@arejaytee
Copy link

+1 for this feature to be added

@michaelruge
Copy link

I too would love to see this feature!

@arejaytee arejaytee mentioned this issue Mar 8, 2020
Open
@modem7
Copy link

modem7 commented Mar 9, 2020
edited
Loading

This can already be used quite easily?

Downside is the basic auth doesn't work to well unless you manually do it.

image

@arejaytee
Copy link

Yeah I was going to give it a try with doing it manually, plan was to do it with no auth and have the IP restriction do the work.

@arejaytee
Copy link

Confirmed the settings below will work for IP based restrictions, you can place it in the Host advanced settings or individually for each location. Getting redirected to a 403 page which would be nice to be able to customise or by default use the same Tabler theme.

Being able to configure an "Advanced Access list" with settings like below would be great for displaying it within the UI nicely.

#Settings
#localhost
allow 127.0.0.1;

#local internal network
allow 192.168.1.0/24;

#external IP Address
allow 158.140.198.146;

#deny everything except the above
deny all;

@ShadowPeo ShadowPeo mentioned this issue Mar 18, 2020
Closed
@Indemnity83 Indemnity83 mentioned this issue Apr 9, 2020
Closed
@jc21
Copy link
Member

jc21 commented May 29, 2020

Feature has been added, closing

@jc21 jc21 closed this as completed May 29, 2020
@spiffzilla spiffzilla mentioned this issue Jun 23, 2020
Closed
@johanmorenolds
Copy link

johanmorenolds commented May 6, 2021
edited
Loading

thanks a lot, i just started using the tool and is it great!, and besides that the community is super supportive and active i was having some troubles trying to restrict access to certain IP addresses and with the community help i just managed.

thanks @arejaytee for the code:

#Settings
#localhost
allow 127.0.0.1;
#local internal network
allow 192.168.1.0/24;
#external IP Address
allow 158.140.198.146;
#deny everything except the above
deny all;

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
8 participants
@jeliasson @jc21 @michaelruge @joeldevnull @modem7 @arejaytee @johanmorenolds @axipher