IP Witelist for a web domain

apexit.uk · September 7, 2023, 4:46pm

Hi. let’s say I have a website: example.com which, for security reasons, I only want to allow access to a small handful of people. They’ll give me their public IP addresses and I’ll add them to a white list.

Can anyone advise if there’s a wayto do this in Hestia? Maybe there’s a way to do this int he DNS records? All my research points to blacklisting some IP addresses on the server’s firewall, I not only want to create a whitelist (not a black list) but I want it only for one domain/DNS zone on the server, not the entire server.

Many thanks

culibine · September 7, 2023, 6:23pm

.htaccess allow deny from ip. For examples please refer to google.

apexit.uk · September 8, 2023, 11:08am

Didn’t know .htaccess could be used to do things like that. Thanks, I’ll give it a try

apexit.uk · September 8, 2023, 11:33am

Great, it worked. Thanks for the help. I inserted the following to my .htaccess file:

#Start Whitelist
order deny,allow
deny from all
allow from 111.111.111.111
#End Whitelist

luisedofon · August 21, 2024, 8:54pm

Hi, just quick question, I’m not expert, but how this can be done on Hestia CP using Nginx only ? I found I can set allow some IP and later place a deny all; on /etc/nginx/nginx.conf, but this is applied to all websites, how can be done on only one of the sites ?

sahsanu · August 21, 2024, 9:19pm

Let’s say your user is test and your domain is example.net, and you allow access to this site only to ips 203.0.113.1 and 192.0.2.1

Create a conf file like nginx.conf_whatever, in this case, we will use nginx.conf_access and this file must be in this dir:

/home/test/conf/web/example.net/

The contents of file nginx.conf_access:

allow 203.0.113.1;
allow 192.0.2.1;
deny all;

If you are using ssl, create also a conf file nginx.ssl.conf_access but there is no need to create it from scratch, just create a symbolic link:

cd /home/test/conf/web/example.net/
ln -rs nginx.conf_access nginx.ssl.conf_access

Now reload nginx:

systemctl reload nginx

luisedofon · August 21, 2024, 9:28pm

Dear Sahsanu, you rock, thanks a lot, I really appreciate it it worked, I was actually trying to edit nginx.conf file on /home/user/conf/web/example.net/.

I have to say in my 2 production VPS I’m using hestiacp, have test a lot of free options to leave my old shared reseller cPanel hosting soon and I simple love HestiaCP, hope I can contribute with some money soon