Blocking Access to WordPress admin area on RunCloud’s Native Nginx Stack
If you’re running a Web Application on Runcloud that uses their Native NGINX stack, here’s how you can set up restrictions by IP Address.
First, you have to follow their official Docs on how to implement custom NGINX configurations and to understand the server’s configs file structure.
Alternatively, if you’re managing your server through RunCloud Panel, they recently launched a new feature that can create NGINX configurations directly from the dashboard.
Once you have created your own extra .conf file, for example:
/etc/nginx-rc/extra.d/[YOUR-WEB-APP].location.main.admin-access.conf
Paste this and change the values to your public IP Address and the name of your Web Application:
location ~ \.php$ {
location ~ /wp/wp-(admin/|login\.php\b) {
allow [YOUR-IP-ADDRESS];
deny all;
include /etc/nginx-rc/conf.d/[YOUR-WEB-APP].d/proxy.conf;
}
include /etc/nginx-rc/conf.d/[YOUR-WEB-APP].d/proxy.conf;
}
If you want to add multiple IP Addresses, just add a new line with the other IP Address:
location ~ \.php$ {
location ~ /wp/wp-(admin/|login\.php\b) {
allow [YOUR-IP-ADDRESS];
allow [ANOTHER-IP-ADDRESS];
deny all;
include /etc/nginx-rc/conf.d/[YOUR-WEB-APP].d/proxy.conf;
}
include /etc/nginx-rc/conf.d/[YOUR-WEB-APP].d/proxy.conf;
}
Or create a new extra .conf file, for example:
/etc/nginx-rc/extra.d/[YOUR-WEB-APP].location.main.allowed.conf
Add all the allowed IP Addresses inside that file like this:
allow [YOUR-IP-ADDRESS];
allow [ANOTHER-IP-ADDRESS];
allow [MORE-IP-ADDRESS];
Then change your first .conf file, referencing this new one, replacing the lines of allowed IPs:
location ~ \.php$ {
location ~ /wp/wp-(admin/|login\.php\b) {
/etc/nginx-rc/extra.d/[YOUR-WEB-APP].location.main.allowed.conf
deny all;
include /etc/nginx-rc/conf.d/[YOUR-WEB-APP].d/proxy.conf;
}
include /etc/nginx-rc/conf.d/[YOUR-WEB-APP].d/proxy.conf;
}
Don’t forget to reload NGINX to apply changes.
systemctl reload nginx-rc
If you’re using the Dashboard, click the top right menu dropdown after saving the .conf file and rebuild the web application to apply changes.