I have had many articles on how to install and use Nginx Proxy Manager (NPM) on my blog, but I have never shared how to optimize security for domains set up in NPM.
Today’s article will show you how to use the Access Lists feature of Nginx Proxy Manager to optimize security for established domains.
1. Create Access List
Access Nginx Proxy Manager, select the Access Lists item on the Menu Bar, click Add Access List
Enter the required information:
- Details: enter the name of the Access List in the Name field.
- Authorization: nhập Username / Password
- Access: can be left blank if you do not want to limit access by IP. I entered
192.168.0.0/24to limit access from the indoor LAN only.
Click Save to save
The Access List with the name Limited Access appeared in the list
2. Edit Proxy Host
Go back to the Hosts section, find the Proxy Host you need to update and click Edit.
In the Access List section, open it and select Limited Access. Then click Save
3. Check the results
Access to the newly edited domain name, a dialog box asking for Username / Password confirmation will appear. Need to enter the correct parameters set up in the previous Access Lists section and click Sign In to access the website.
If you enter the wrong username or password, the browser will give an error
401 Authorization Required.
When accessing the domain from outside the LAN, the browser gives an error
403 Forbidden. The reason is because I have restricted access to only allow access from IPs
192.168.0.0/24 in the LAN.
It is done!