What's the best approach to limiting access to sites by IP when running BOA? When I create various development and testing versions of sites I'd like to limit access to only a few IP's.

Comments

omega8cc’s picture

omega8cc commented

Check the standard Aegir how-to first: http://community.aegirproject.org/node/70

For Nginx, follow the how-to below - we assume that your Octopus system user is standard o1:

$ su -s /bin/bash - o1
$ nano ~/.drush/restricted.drush.inc

Paste there this code:

<?php
function restricted_provision_nginx_vhost_config($uri, $data) {
  if (preg_match("/(?:domain\.com|another-domain\.com)/", $uri)) {
    return array("  allow 123.45.67.89;", "  allow 123.45.67.90;", "  deny all;\n");
  }
}

Of course replace 123.45.67.89 and 123.45.67.90 with your real allowed IPs (or add more of them).

Save the file.

Now re-verify the sites you wish to protect so those allow/deny lines will get inserted in the correct vhosts automatically.

Done.

rocketZero’s picture

rocketZero commented
Status: Active » Closed (works as designed)

Thanks so much for the help. That works exactly as I wanted.