Where to white list wp-admin / wp-login to specifc ips

Howdy rtCommunity,

Where is the best place to white list wp-admin / wp-login.php to specific IPs and what syntax should we use?

It seems we’d like to do so in /var/www/[site name]/conf/nginx and drop a whitelist-admin.conf or something in there – that way our white lists are encapsulated and preserved through EE or OS updates.

However, I’m not sure the ordering of nginx includes from the /etc/nginx/sites-enabled/ would allow us to drop something in the site specific conf/nginx? – that is can we drop a file in there, have it picked up auto magically at engine restart and if so, do we add these in a location block or does it have to be in http or server, etc – and is this even the best way to handle with EasyEngine?

So in summary,

  1. Can we create a specific whitelist-admin.conf
  2. What syntax do we use if we can do #1

And/Or

If we can’t do #1, where do we stick the white list and what syntax do we use to best fit in the EE way of doing things?

Cheers!

One additional note, this is a --wpfc with hhvm on site; it’ll be converted to redis when we’ve fully tested if that matters (part of my question stemmed from seeing references to fast-cgi and filtering / location block ordering etc being tricky).

Cheers!

Hello Community,

Any thoughts on this?

We added a restrict-wp-admin.conf to the sites /conf/nginx

It looks as such

# Block wp-admin or wp-login.php from all but our IPs
location ~ ^/(wp-admin|wp-login.php) {
allow x.x.x.x;
deny all;
}
# We have to allow admin-ajax for theme, plugins
location /wp-admin/admin-ajax.php {
    allow all;
}

Does this look good, and do we need to have anything for fast-cgi?