If you are want to restrict the access to specific sections in Oempro such as /admin and /user areas, simply follow these steps:
- Take a backup of
/opt/oempro/_dockerfiles/haproxy.cfgfile. - Edit
/opt/oempro/_dockerfiles/haproxy.cfgfile, find thefrontend frontend_appdirective. - Inside this directive, add these lines after
mode httpline:
acl network_allowed src xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx/xx
acl restricted_page path_beg /app/admin
acl restricted_page path_beg /app/user
acl restricted_page path_beg /app/client
block if restricted_page !network_allowed
This setup will allow access for admin, user, and client areas for specific IP addresses. You can write IP addresses in a single form or in CIDR notation.
Here’s the actual frontend directive:
frontend frontend_app
bind *:80
...
...
mode http
...
...
acl network_allowed src xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx/xx
acl restricted_page path_beg /app/admin
acl restricted_page path_beg /app/user
acl restricted_page path_beg /app/client
block if restricted_page !network_allowed
...
...
default_backend backend_oempro_app
Once you save and exit editing this file, on the command line, run these commands in sequence to apply changes to the Oempro’s HAProxy Docker container:
cd /opt/oempro/
docker-compose build haproxy
docker-compose kill haproxy && docker-compose up -d haproxy