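A generic admin path is easy to scan for. From articles in the official community I learned that the /admin backend path currently cannot be changed, so the only option is to restrict access to it. BaoTa's built-in directory password protection and access-deny features both don't work, because they interfere with normal use. After some thought I hand-wrote an nginx configuration that restricts access to specified IPs; it tested fine and runs perfectly, so I'm sharing the configuration below: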
#PROXY-START/
location ~* \.(php)$
{
    proxy_pass http://127.0.0.1:20199;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header REMOTE-HOST $remote_addr;
}
location /
{
    if (!-e $request_filename) {
        proxy_pass http://127.0.0.1:20199;
    }
    proxy_http_version 1.1;
    proxy_read_timeout 360s;
    proxy_redirect off;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header REMOTE-HOST $remote_addr;
    add_header X-Cache $upstream_cache_status;
    #Set Nginx Cache
    add_header Cache-Control no-cache;
    expires 12h;
}
# ^~ stops the regex location for .php above from taking requests under
# /admin/, so the allow/deny rules below apply to every URI in this directory.
location ^~ /admin/ {
    allow 192.168.1.10; # IP address that is allowed access
    deny all;
    if (!-e $request_filename) {
        proxy_pass http://127.0.0.1:20199;
    }
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header REMOTE-HOST $remote_addr;
}
#PROXY-END/
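Change 192.168.1.10 in allow 192.168.1.10; to your own IP, then copy this over the original reverse-proxy configuration. It is the reverse-proxy configuration from the official documentation with an access restriction added for the /admin/ directory, so that only the specified IP can reach the admin backend.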
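
nginx checks regex locations after prefix locations and lets a matching regex win unless the prefix is marked ^~, so it is worth confirming which block serves each URI under /admin/. The following is an added example, not part of the original post: a small Python model of that selection rule applied to the post's three locations, with and without ^~ on /admin/. The function names and the sample URIs are constructed for illustration.

```python
import re

def select_location(locations, uri):
    """Model of nginx location selection for (modifier, pattern) pairs given
    in config order; modifier is "", "=", "^~", "~" or "~*"."""
    best = None
    for mod, pat in locations:
        if mod == "=" and uri == pat:
            return (mod, pat)                  # exact match ends the search
        if mod in ("", "^~") and uri.startswith(pat):
            if best is None or len(pat) > len(best[1]):
                best = (mod, pat)              # remember the longest prefix
    if best and best[0] == "^~":
        return best                            # ^~ skips the regex pass
    for mod, pat in locations:                 # regexes, first match wins
        if mod in ("~", "~*"):
            flags = re.IGNORECASE if mod == "~*" else 0
            if re.search(pat, uri, flags):
                return (mod, pat)
    return best

# The three locations from the post, in the order they appear there.
PLAIN_PREFIX = [("~*", r"\.(php)$"), ("", "/"), ("", "/admin/")]
# Same list with ^~ on the /admin/ block.
WITH_CARET = [("~*", r"\.(php)$"), ("", "/"), ("^~", "/admin/")]

# Constructed sample URIs, not taken from any real site.
SAMPLE_URIS = ["/admin/", "/admin/users", "/admin/index.php", "/index.php"]

def handled_by_admin_block(locations, uri):
    """True when the block carrying allow/deny is the one that serves uri."""
    chosen = select_location(locations, uri)
    return chosen is not None and chosen[1] == "/admin/"

def report(locations):
    return {uri: handled_by_admin_block(locations, uri) for uri in SAMPLE_URIS}

if __name__ == "__main__":
    for name, locs in (("location /admin/", PLAIN_PREFIX),
                       ("location ^~ /admin/", WITH_CARET)):
        print(name)
        for uri, ok in report(locs).items():
            print(f"  {uri:20} allow/deny applies: {ok}")
```

After editing the real configuration, run nginx -t and reload, then request the same kinds of URI from an address outside the allow list and confirm each one returns 403.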