« previous next »
Pages: [1]

Author Topic: Restrict access to a cwp_service  (Read 90 times)

0 Members and 1 Guest are viewing this topic.

Offline
ppalma8
*
Restrict access to a cwp_service
« on: March 26, 2025, 05:41:00 PM »
I cannot see another way to restrict access by IP to a pre configured CWP service such as round cube or php my admin

In this example phpmyadmin  /pma when running Nginx other than to edit for example:

usr/local/cwpsrv/conf/cwp_services.conf

And under the location for pma:

location /pma {
    if ($http_x_real_ip != XXX.XXX.XXX.XXX) {
                return 404;
        }
}

Is there a better way to do this using CWP ?
Logged
Offline
overseer
*****
Re: Restrict access to a cwp_service
« Reply #1 on: March 26, 2025, 09:19:45 PM »
Would the CSF firewall work for you, or are you trying to be very selective about individual services?
Logged
Offline
Netino
***
Re: Restrict access to a cwp_service
« Reply #2 on: March 27, 2025, 02:06:15 AM »
Quote from: ppalma8 on March 26, 2025, 05:41:00 PM
(...)
Is there a better way to do this using CWP ?

Create a file /usr/local/cwpsrv/conf/security.conf with the following content:

Code: [Select]
    #...
    satisfy any;

    allow 192.168.1.1/24;
    allow 127.0.0.1;
    deny  all;

    auth_basic           "Restricted access";
    auth_basic_user_file conf/ht_passwd;
Choose yours IP adresses, and/or define additional authentication on cwpsrv.

Create a file '/usr/local/cwpsrv/conf/ht_passwd' with your passwords:

Code: [Select]
# /usr/local/apache/bin/htpasswd /usr/local/cwpsrv/conf/ht_passwd

In file '/usr/local/cwpsrv/conf/cwp_services.conf', change your directive to:
Code: [Select]
location /pma {
    root /usr/local/cwpsrv/var/services;
    index  index.html index.htm index.php;
    include /usr/local/cwpsrv/conf/security.conf;
    (...)
}
...and restart cwp on the panel, or with the command:

Code: [Select]
# /scripts/restart_cwpsrv
Regards,
Netino

Logged
Offline
overseer
*****
Re: Restrict access to a cwp_service
« Reply #3 on: March 27, 2025, 05:28:46 PM »
As an aside, does anyone actually use an index file named "index.htm"? I have deleted that possibility from my servers ages ago and only support index.php and index.html as possibilities for the index directive.
Logged
Offline
ppalma8
*
Re: Restrict access to a cwp_service
« Reply #4 on: March 29, 2025, 12:48:12 PM »
Sorry I just read your post again so with this conf file Nginx will apply the apache directives:

cwp_services.conf

Is this necessary? or I can just continue with my Nginx conf to filter i.p access to certain directories / urls ?

Thanks, however I always find Apache Directives get ignored when running Nginx in CWP .

What am I missing that means the apache directives don't work, are you running Nginx ?

Quote from: Netino on March 27, 2025, 02:06:15 AM
Quote from: ppalma8 on March 26, 2025, 05:41:00 PM
(...)
Is there a better way to do this using CWP ?

Create a file /usr/local/cwpsrv/conf/security.conf with the following content:

Code: [Select]
    #...
    satisfy any;

    allow 192.168.1.1/24;
    allow 127.0.0.1;
    deny  all;

    auth_basic           "Restricted access";
    auth_basic_user_file conf/ht_passwd;
Choose yours IP adresses, and/or define additional authentication on cwpsrv.

Create a file '/usr/local/cwpsrv/conf/ht_passwd' with your passwords:

Code: [Select]
# /usr/local/apache/bin/htpasswd /usr/local/cwpsrv/conf/ht_passwd

In file '/usr/local/cwpsrv/conf/cwp_services.conf', change your directive to:
Code: [Select]
location /pma {
    root /usr/local/cwpsrv/var/services;
    index  index.html index.htm index.php;
    include /usr/local/cwpsrv/conf/security.conf;
    (...)
}
...and restart cwp on the panel, or with the command:

Code: [Select]
# /scripts/restart_cwpsrv
Regards,
Netino
« Last Edit: March 29, 2025, 12:52:05 PM by ppalma8 »
Logged
Pages: [1]
« previous next »