starred/nginx-proxy-manager-NginxProxyManager
1
0
Fork 0
mirror of https://github.com/NginxProxyManager/nginx-proxy-manager.git synced 2026-04-26 01:45:54 +03:00
Code Issues 937 Projects Releases 10 Packages Wiki Activity

[GH-ISSUE #137] Add IP based access lists #119

New issue
Closed
opened 2026-02-26 06:30:22 +03:00 by kerem · 9 comments
kerem commented 2026-02-26 06:30:22 +03:00
Owner
Copy link

Originally created by @joeldevnull on GitHub (May 6, 2019).
Original GitHub issue: https://github.com/NginxProxyManager/nginx-proxy-manager/issues/137

Hi,

Thanks for creating an awesome tool for managing nginx proxy configs.

Is it possible to consider adding IP based restrictions to the access lists? This is relatively simple to implement in nginx itself in the location block and can be mixed with the existing auth basic too, e.g:

location / {
    # Access List
    satisfy any;
    allow 10.0.0.0/16;
    allow 192.168.0.0/16;
    allow 172.0.0.1;
    deny 1.2.3.4;
    auth_basic            "Authorization required";
    auth_basic_user_file  /data/access/1;
    deny all;

    # Force SSL
    include conf.d/include/force-ssl.conf;

Thanks again!

Originally created by @joeldevnull on GitHub (May 6, 2019). Original GitHub issue: https://github.com/NginxProxyManager/nginx-proxy-manager/issues/137 Hi, Thanks for creating an awesome tool for managing nginx proxy configs. Is it possible to consider adding IP based restrictions to the access lists? This is relatively simple to implement in nginx itself in the location block and can be mixed with the existing auth basic too, e.g: ``` location / { # Access List satisfy any; allow 10.0.0.0/16; allow 192.168.0.0/16; allow 172.0.0.1; deny 1.2.3.4; auth_basic "Authorization required"; auth_basic_user_file /data/access/1; deny all; # Force SSL include conf.d/include/force-ssl.conf; ``` Thanks again!
kerem 2026-02-26 06:30:22 +03:00
kerem commented 2026-02-26 06:30:22 +03:00
Author
Owner
Copy link

@jeliasson commented on GitHub (May 30, 2019):

Yes, this is the only thing I'm missing right now. Great tool!

<!-- gh-comment-id:497504285 --> @jeliasson commented on GitHub (May 30, 2019): Yes, this is the only thing I'm missing right now. Great tool!
kerem commented 2026-02-26 06:30:22 +03:00
Author
Owner
Copy link

@axipher commented on GitHub (Jun 28, 2019):

I would also love a feature like this so I don't have to install additional Dockers to handle access control, limit external access to certain IP's and even limit internal network traffic as well.

<!-- gh-comment-id:506811701 --> @axipher commented on GitHub (Jun 28, 2019): I would also love a feature like this so I don't have to install additional Dockers to handle access control, limit external access to certain IP's and even limit internal network traffic as well.
kerem commented 2026-02-26 06:30:22 +03:00
Author
Owner
Copy link

@arejaytee commented on GitHub (Jan 26, 2020):

+1 for this feature to be added

<!-- gh-comment-id:578485805 --> @arejaytee commented on GitHub (Jan 26, 2020): +1 for this feature to be added
kerem commented 2026-02-26 06:30:22 +03:00
Author
Owner
Copy link

@michaelruge commented on GitHub (Feb 1, 2020):

I too would love to see this feature!

<!-- gh-comment-id:581067180 --> @michaelruge commented on GitHub (Feb 1, 2020): I too would love to see this feature!
kerem commented 2026-02-26 06:30:22 +03:00
Author
Owner
Copy link

@modem7 commented on GitHub (Mar 9, 2020):

This can already be used quite easily?

Downside is the basic auth doesn't work to well unless you manually do it.

image

<!-- gh-comment-id:596364104 --> @modem7 commented on GitHub (Mar 9, 2020): This can already be used quite easily? Downside is the basic auth doesn't work to well unless you manually do it. ![image](https://user-images.githubusercontent.com/4349962/76190694-78c00580-61d5-11ea-9bc4-5c9479d0aafd.png)
kerem commented 2026-02-26 06:30:22 +03:00
Author
Owner
Copy link

@arejaytee commented on GitHub (Mar 9, 2020):

Yeah I was going to give it a try with doing it manually, plan was to do it with no auth and have the IP restriction do the work.

<!-- gh-comment-id:596438158 --> @arejaytee commented on GitHub (Mar 9, 2020): Yeah I was going to give it a try with doing it manually, plan was to do it with no auth and have the IP restriction do the work.
kerem commented 2026-02-26 06:30:22 +03:00
Author
Owner
Copy link

@arejaytee commented on GitHub (Mar 10, 2020):

Confirmed the settings below will work for IP based restrictions, you can place it in the Host advanced settings or individually for each location. Getting redirected to a 403 page which would be nice to be able to customise or by default use the same Tabler theme.

Being able to configure an "Advanced Access list" with settings like below would be great for displaying it within the UI nicely.

#Settings
#localhost
allow 127.0.0.1;

#local internal network
allow 192.168.1.0/24;

#external IP Address
allow 158.140.198.146;

#deny everything except the above
deny all;

<!-- gh-comment-id:597032309 --> @arejaytee commented on GitHub (Mar 10, 2020): Confirmed the settings below will work for IP based restrictions, you can place it in the Host advanced settings or individually for each location. Getting redirected to a 403 page which would be nice to be able to customise or by default use the same Tabler theme. Being able to configure an "Advanced Access list" with settings like below would be great for displaying it within the UI nicely. #Settings #localhost allow 127.0.0.1; #local internal network allow 192.168.1.0/24; #external IP Address allow 158.140.198.146; #deny everything except the above deny all;
kerem commented 2026-02-26 06:30:22 +03:00
Author
Owner
Copy link

@jc21 commented on GitHub (May 29, 2020):

Feature has been added, closing

<!-- gh-comment-id:635754607 --> @jc21 commented on GitHub (May 29, 2020): Feature has been added, closing
kerem commented 2026-02-26 06:30:22 +03:00
Author
Owner
Copy link

@johanmorenolds commented on GitHub (May 6, 2021):

thanks a lot, i just started using the tool and is it great!, and besides that the community is super supportive and active i was having some troubles trying to restrict access to certain IP addresses and with the community help i just managed.

thanks @arejaytee for the code:

#Settings
#localhost
allow 127.0.0.1;
#local internal network
allow 192.168.1.0/24;
#external IP Address
allow 158.140.198.146;
#deny everything except the above
deny all;

<!-- gh-comment-id:833320852 --> @johanmorenolds commented on GitHub (May 6, 2021): thanks a lot, i just started using the tool and is it great!, and besides that the community is super supportive and active i was having some troubles trying to restrict access to certain IP addresses and with the community help i just managed. thanks @arejaytee for the code: > #Settings #localhost allow 127.0.0.1; #local internal network allow 192.168.1.0/24; #external IP Address allow 158.140.198.146; #deny everything except the above deny all;
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
develop
dependabot/npm_and_yarn/backend/liquidjs-10.25.7
dependabot/npm_and_yarn/frontend/prod-minor-updates-2a16bf3987
dependabot/npm_and_yarn/frontend/dev-patch-updates-754666cf41
dependabot/npm_and_yarn/backend/basic-ftp-5.3.0
dependabot/npm_and_yarn/test/follow-redirects-1.16.0
dependabot/npm_and_yarn/test/axios-1.15.0
dependabot/npm_and_yarn/frontend/lodash-4.18.1
dependabot/npm_and_yarn/backend/lodash-4.18.1
dependabot/npm_and_yarn/test/lodash-4.18.1
dependabot/npm_and_yarn/frontend/vite-7.3.2
dependabot/npm_and_yarn/backend/prod-minor-updates-5ec19a7f21
dependabot/npm_and_yarn/frontend/lodash-es-4.18.1
dependabot/npm_and_yarn/frontend/happy-dom-20.8.9
dependabot/npm_and_yarn/backend/path-to-regexp-8.4.0
dependabot/npm_and_yarn/frontend/picomatch-4.0.4
dependabot/npm_and_yarn/backend/picomatch-2.3.2
dependabot/npm_and_yarn/frontend/yaml-1.10.3
dependabot/npm_and_yarn/test/flatted-3.4.2
dependabot/npm_and_yarn/test/tar-7.5.11
dependabot/npm_and_yarn/frontend/immutable-5.1.5
master
dependabot/npm_and_yarn/test/glob-10.5.0
dependabot/npm_and_yarn/frontend/mdast-util-to-hast-13.2.1
dependabot/npm_and_yarn/test/form-data-4.0.4
v3-abandoned
bump-freedns
openidc
ssl-passthrough-hosts
static-content
v2.14.0
v2.13.7
v2.13.6
v2.13.5
v2.13.4
v2.13.3
v2.13.2
v2.13.1
v2.13.0
v2.12.6
v2.12.5
v2.12.4
v2.12.3
v2.12.2
v2.12.1
v2.12.0
v2.11.3
v2.11.2
v2.11.1
v2.11.0
v2.10.4
v2.10.3
v2.10.2
v2.10.1
v2.10.0
v2.9.22
v2.9.21
v2.9.20
v2.9.19
v2.9.18
v2.9.17
v2.9.16
v2.9.15
v2.9.14
v2.9.13
v2.9.12
v2.9.11
v2.9.10
v2.9.9
v2.9.8
v2.9.7
v2.9.6
v2.9.5
v2.9.4
v2.9.3
v2.9.2
v2.9.1
v2.9.0
v2.8.1
v2.8.0
v2.7.3
v2.7.2
v2.7.1
v2.7.0
v2.6.2
v2.6.1
v2.6.0
v2.5.0
v2.4.0
v2.3.1
v2.3.0
v2.2.4
v2.2.3
v2.2.2
v2.2.1
v2.2.0
v2.1.2
v2.1.1
v2.1.0
2.0.14
2.0.13
2.0.12
2.0.11
2.0.10
2.0.9
2.0.8
2.0.7
2.0.6
2.0.5
2.0.4
2.0.3
2.0.2
2.0.0
v2.0.0
1.1.2
1.1.1
1.0.1
Labels
Clear labels   
awaiting feedback

   
bug

   
cannot reproduce

   
dns provider request

   
duplicate

   
enhancement

   
enhancement

   
enhancement

   
good first issue

   
help wanted

   
invalid

   
need more info

   
no certbot plugin available

   
product-support

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
stale

   
troll

   
upstream issue

   
v2

   
v2

   
v2

   
v3

   
wontfix
No labels
awaiting feedback
bug
cannot reproduce
dns provider request
duplicate
enhancement
enhancement
enhancement
good first issue
help wanted
invalid
need more info
no certbot plugin available
product-support
pull-request
question
stale
troll
upstream issue
v2
v2
v2
v3
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/nginx-proxy-manager-NginxProxyManager#119
No description provided.