How to Restrict Access to Your Admin Area

It is very important to restrict access to your Magento admin panel. Hypernodes do have a Fail2Ban, but if your password has been leaked, hackers will have access to all your data and your customers data with all the consequences that entails. One of the best ways to restrict access is by limiting the IP address that can even access the admin section.

The snippet below will restrict access to the admin panel to and All other IP’s will be denied. Replace the IP addresses with your IP address(es), if you don’t know your current network IP, just visit

First create a file in ‘/data/web/nginx/’ folder. And name the file to /data/web/nginx/server.magentobackend or whatever you use as admin backend name and use the following snippet.

location ~ ^/(index\.php/)?magentobackend/? {
deny all;
rewrite / /index.php break;
echo_exec @phpfpm;