HomeCategoriesQuestions

How to secure PHP-FPM by restricting access to specific IP addresses in Nginx?

To secure PHP-FPM by restricting access to specific IP addresses in Nginx, you can follow these steps:

  1. Edit the Nginx configuration file for your website. Typically, this file is located in the /etc/nginx/sites-available/ directory.

  2. Locate the location ~ \.php$ block within your configuration file. This block specifies how Nginx should handle PHP files.

  3. Inside the location ~ \.php$ block, add the allow and deny directives to restrict access to specific IP addresses. For example, to allow access only from IP address 192.0.2.10 and deny access from all other IP addresses, use the following configuration:

location ~ \.php$ { allow 192.0.2.10; deny all; ... }

  1. Save the configuration file and exit the editor.

  2. Restart Nginx to apply the changes using the command:

    sudo service nginx restart

With these steps, PHP-FPM access will be restricted to only the specified IP address, and all other IP addresses will be denied access.