Hi all,
Have recently moved my WP based website under NginX behind an Amazon ELB. Whilst IP restriction to wp-admin & wp-login was previously working, I'm now having issue restricting to my IP's only, due to the X-Forwarded-For of the load balancer.
I've tried so many options but I can't seem to find a working example for being behind a load balancer.
Any ideas?
Below are some of the variations in my nginx site.conf. The closest I can do is geting it to restrict the IP correctly unless it's in my allow IP's list, but if it is, instead of parsing wp-admin or wp-login normally in browser, it just prompts me to download the file... examples i've tried:
-----
location ~* ^/(wp-admin|wp-login) {
allow <my-ip>;
deny all;
}
----
Deny access to admin pages
location ~ ^/(wp-admin|wp-login\.php) {
set $allow false;
if ( $remote_addr ~ <my-ip> ) {
set $allow true;
}
if ($allow = false) {
return 403;
}
}
-----
location ~ ^/(wp-admin|wp-login\.php) {
set $allow false;
if ( $http_x_forwarded_for ~ ^my.\ip\ ) {
set $allow true;
}
if ($allow = false) {
return 403;
}
}
-----
if ( $http_x_forwarded_for != ^my\.ip\. && location ~ "^/wp-admin\.php" ) {
error 404 "Not the droids you are looking for...";
}
-----
I'm at a loss, if anyone has this working in full could you please let me know what is required in configuring NginX for this situation?