Close access to the panel

Community Support
1

Greetings! How to close access to the panel and service links (phpmyadmin and the like)? The panel itself is located on the technical domain, but when adding other domains to the control panel, the panel also has access from them. Is it possible to somehow restrict access to the panel from added domains and leave access only from the technical domain?

2

I have the same question

If I want protect the CP login using Basic HTTP Authentication - Which folder should I protect?

3

I just consider it safe to have access to the control panel from all domains, for this I use the technical domain so that only I know it and, accordingly, access to the panel is made only from one domain.

4

You can’t currently

For Hestia admin you can use IPlists to only allow your ip (min 10 ip adresses) and add it to iptables

Screenshot 2022-04-18 at 09.49.21
Screenshot 2022-04-18 at 09.49.21946×906 25.7 KB

Screenshot 2022-04-18 at 09.51.12
Screenshot 2022-04-18 at 09.51.12998×948 61.7 KB

Or just enter your ip in firewall and block all other traffic

Option 2:
You can limit access to a specific account to an ip.

Screenshot 2022-04-18 at 09.54.50
Screenshot 2022-04-18 at 09.54.50920×256 21.7 KB

Option 3: Enable 2FA

Option 4: Disable port 8083 completely and use

and

or

and

Depending on your setup

For disabling phpmyadmin
Change /etc/apache2/conf.d/phpmyadmin.inc and /etc/nginx/conf.d/phpmyadmin.inc to phpmyadmin2.inc and create a new template or modify the template used above to include phpmyadmin2.inc instead of phpmyadmin.inc

1 Like
5

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.