Where to white list wp-admin / wp-login to specifc ips


#1

Howdy rtCommunity,

Where is the best place to white list wp-admin / wp-login.php to specific IPs and what syntax should we use?

It seems we’d like to do so in /var/www/[site name]/conf/nginx and drop a whitelist-admin.conf or something in there – that way our white lists are encapsulated and preserved through EE or OS updates.

However, I’m not sure the ordering of nginx includes from the /etc/nginx/sites-enabled/ would allow us to drop something in the site specific conf/nginx? – that is can we drop a file in there, have it picked up auto magically at engine restart and if so, do we add these in a location block or does it have to be in http or server, etc – and is this even the best way to handle with EasyEngine?

So in summary,

  1. Can we create a specific whitelist-admin.conf
  2. What syntax do we use if we can do #1

And/Or

If we can’t do #1, where do we stick the white list and what syntax do we use to best fit in the EE way of doing things?

Cheers!


Updated White list Specifc IPs for wp-admin / wp-login.php
#2

One additional note, this is a --wpfc with hhvm on site; it’ll be converted to redis when we’ve fully tested if that matters (part of my question stemmed from seeing references to fast-cgi and filtering / location block ordering etc being tricky).

Cheers!


Cannot block IP access to wp-login.php
#3

Hello Community,

Any thoughts on this?


#4

We added a restrict-wp-admin.conf to the sites /conf/nginx

It looks as such

# Block wp-admin or wp-login.php from all but our IPs
location ~ ^/(wp-admin|wp-login.php) {
allow x.x.x.x;
deny all;
}
# We have to allow admin-ajax for theme, plugins
location /wp-admin/admin-ajax.php {
    allow all;
}

Does this look good, and do we need to have anything for fast-cgi?


#5