Restrict Admin User to IP Subnet

Narendra_Rajcoomar · August 26, 2021, 5:10pm

Hello All,

Is there any way a rule can be set to restrict an Administrator User to only login from an IP or Subnet. Im just looking at it as a way of minimizing the security risk footprint.

Regards

Tietatter · March 13, 2026, 1:32pm

Add this location to the config, networks, and addresses as needed:

location ~ ^/(sys/info|sys/admin) {
allow 172.17.42.0/24;
allow 10.10.77.2/32;
deny all;

# Handling 403 (Forbidden) Errors
# Redirecting to the Homepage with 302 (Temporary Redirect)
error_page 403 =302 https://sky.energy.net;

        proxy_pass         http://127.0.0.1:8000;
        proxy_set_header   Host $host;
        proxy_set_header   X-Real-IP $remote_addr;
        proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header   X-Forwarded-Host $server_name;
        proxy_read_timeout  36000s;
        proxy_send_timeout  36000s;

        access_log      /var/log/nginx/seahub.access.log;
        error_log       /var/log/nginx/seahub.error.log;
    }

Narendra_Rajcoomar · March 15, 2026, 5:50am

never too late, thank you