Restrict access by IP address

Question

Restrict access by IP address

vitobotta opened this issue 3 years ago · 7 comments

HI, how can I restrict access to a container's port to a specific IP only? For example I want to be able to access Nginx Proxy Manager only from my home IP. Thanks!

Answer 1 · 2023-01-24T04:05:49.000Z

ufw route allow proto tcp from HOME_IP_HERE to any port XX

Answer 2 · 2023-01-27T02:11:55.000Z

ufw route allow from <source> to <container> port <container_port> proto tcp
# example
ufw route allow from 192.168.3.0/24 to 172.17.0.4 port 8080 proto tcp

Answer 3 · 2023-01-27T08:57:13.000Z

I changed approach actually. For Nginx Proxy Manager and Portainer I am now using Cloudflare Zero Trust Access, and have changed the script slightly to always allow traffic from Cloudflare IP ranges, see https://bin.botta.me/Z0ZC7b.sh

I haven't whitelisted anything at all with ufw-docker. Do you see any issues with this approach?

Answer 4 · 2023-02-03T21:19:02.000Z

@vitobotta hey, the link has expired

Answer 5 · 2023-02-03T21:50:17.000Z

Oops. This one doesn't have an expiration https://bin.botta.me/am9mxb.sh

Answer 6 · 2023-05-19T01:59:04.000Z

@vitobotta hey, the link has expired

Answer 7 · 2024-12-10T07:32:36.000Z

ufw route allow from <source> to <container> port <container_port> proto tcp
# example
ufw route allow from 192.168.3.0/24 to 172.17.0.4 port 8080 proto tcp

do i can use this ?

ufw route allow from 31.184.139.26 to sg-db-1 port 3306 proto tcp