Magento Tips & Tricks

Restrict Access to Magento Admin Area in Nginx

It is pretty easy to restrict access to magento admin area in nginx. Basically you need to update configuration file and restart it.
All commands applicable for debian. There might be different syntax for other versions.

Nginx config files located in /etc/nginx/sites-available

1. Restrict access by IP

Open configuration file and insert following code

location /admin {
  allow   11.11.11.11; #update to your ip
  deny    all;
}

2. Restrict access using HTTP auth

Open configuration file and insert following code

location /admin {
    auth_basic "Restricted";
    auth_basic_user_file /var/www/.htpasswd;
}

How to create .htpasswd file – http://httpd.apache.org/docs/2.2/programs/htpasswd.html

Now you can test configuration

sudo service nginx configtest

and restart nginx

sudo service nginx restart

3 thoughts on “Restrict Access to Magento Admin Area in Nginx

  1. Hello,

    Using below code allow IP can’t open /admin diretectly index.php is required. nwdthemes.com/index.php/admin
    location /admin {
    allow 11.11.11.11; #update to your ip
    deny all;
    }

    • I have check it once more and it is working fine for me. Do you have any other restrictions in your nginx config before this code ?

Leave a Reply

Your email address will not be published. Required fields are marked *