Why Whitelist?
Admin panels, database ports, and management interfaces should only be accessible from trusted IP addresses. IP whitelisting adds a strong defense layer beyond authentication.
Nginx Location Block
location /admin {
    allow 198.51.100.10; # Office IP
    allow 203.0.113.5; # Home IP
    deny all;
    # ... your proxy or PHP config
}

UFW Rules
# Allow SSH only from specific IPs
sudo ufw delete allow ssh
sudo ufw allow from 198.51.100.10 to any port 22
sudo ufw allow from 203.0.113.5 to any port 22
# Allow database only from app server
sudo ufw allow from 10.0.0.5 to any port 3306

iptables Direct
# Allow SSH from specific IP only
iptables -A INPUT -p tcp --dport 22 -s 198.51.100.10 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -j DROP

.htaccess (Apache)
<Files "admin.php">
    Require ip 198.51.100.10
    Require ip 203.0.113.5
</Files>

TCP Wrappers
Edit /etc/hosts.allow:
sshd: 198.51.100.10, 203.0.113.5
Edit /etc/hosts.deny:
sshd: ALL

Dynamic IPs
If your IP changes frequently, consider using a VPN to access management interfaces rather than maintaining a whitelist.
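
The Nginx location block and the iptables ACCEPT/DROP pair above both depend on rule order: the first matching rule decides. The Python sketch below is an added example, not part of the original page; it models that first-match evaluation for the page's /admin block and flags orderings that defeat the allowlist. It handles single addresses and CIDR ranges only, and the function names and the 192.0.2.77 client address are constructed for illustration.

```python
import ipaddress

# The page's /admin block, embedded as sample input.
NGINX_BLOCK = """
location /admin {
    allow 198.51.100.10; # Office IP
    allow 203.0.113.5; # Home IP
    deny all;
}
"""

def parse_rules(block):
    """Extract (action, target) pairs from allow/deny lines, in file order."""
    rules = []
    for line in block.splitlines():
        parts = line.split("#", 1)[0].strip().rstrip(";").split()
        if len(parts) == 2 and parts[0] in ("allow", "deny"):
            rules.append((parts[0], parts[1]))
    return rules

def decide(rules, client_ip):
    """First matching rule wins; with no match nginx lets the request through."""
    addr = ipaddress.ip_address(client_ip)
    for action, target in rules:
        if target == "all" or addr in ipaddress.ip_network(target, strict=False):
            return action
    return "allow"

def audit(rules):
    """Report rule orderings that silently defeat the allowlist."""
    catch_all = [i for i, (_, target) in enumerate(rules) if target == "all"]
    if not catch_all:
        return ["no catch-all rule: unlisted clients are allowed"]
    first = catch_all[0]
    if first < len(rules) - 1:
        return [f"rule {first + 1} matches everything; later rules never apply"]
    if rules[first][0] != "deny":
        return ["final catch-all is 'allow all'"]
    return []

if __name__ == "__main__":
    rules = parse_rules(NGINX_BLOCK)
    for ip in ("198.51.100.10", "192.0.2.77"):  # constructed client addresses
        print(ip, decide(rules, ip))
    print(audit(rules[::-1]))  # 'deny all' moved to the top
```

Moving `deny all` above the allow lines locks out the office and home addresses as well, and dropping it leaves /admin open to every client.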