How to restrict access to servers using a VPN and a static IP

07.12.2022
Complexity
2 min.
557

Together with the BusinessVPN server, you get a static IP assigned only to you and you can use it to restrict access to your resources:

Iptables configuration

Configure iptables rules to restrict access to your Linux server.

To set up access to your Linux server only via SSH, enter the following commands:

iptables -I INPUT 1 -s $VPN_IP/32 -p tcp -m tcp --dport 22 -j ACCEPT
iptables -I INPUT 2 -j DROP
iptables-save > /etc/iptables/rules.v4

where $VPN_IP is the static IP address of your VPN server


To configure access to your Linux server only from your VPN server for all ports, enter the following commands:

		iptables -I INPUT 1 -s $VPN_IP/32 -j ACCEPT
iptables -I INPUT 2 -j DROP
iptables-save > /etc/iptables/rules.v4


Nginx configuration

To restrict access to a specific URL in Nginx, enter the following commands:

Find the necessary file on the following path:

        /etc/nginx/vhosts/$example/$example.com.conf

where $example is the domain of your site

Enter the necessary configuration as you can see in the example (considering the location as in the screenshot) (1).

		location ^~ /$URL {
allow $VPN_IP;
deny all;
}

where $URL is the URL you want to restrict the access.



Save the configurations.

Check the correctness of the settings.

		nginx -t

If the settings are successful, reload the Nginx.

		service nginx reload


Apache configuration

To restrict access in Apache, find the necessary .htaccess file and enter the following configurations:

		Limit GET POST HEAD>
deny from all
allow from $VPN_IP

where $VPN_IP is the static IP address of your VPN server




Save the configurations.

Was this information helpful?
Yes   No
3 
By continuing to use this website you will be agreeing to the website Acceptable Use Policy and the Use of Cookies while using the website and our services. Please also read our Privacy Policy under which, to the extent stated, you consent to the processing of your personal data.