Securing Your Magento Store Admin to Specific IP Address on Nginx

With the growing popularity of running Magento stores on Nginx it is important to note that utilizing htaccess rewrites will not prevent access. Instead you need to update a stores server configuration file which can usually be located in sites-available/yourdomain.conf  Note: yourdomain will be replaced by the actual domain of the website in question.

Adding the following location block to the stores configuration file will limit access to administrative panel to the specified IP address (you would change this to match your IP Address


The previous location block has the expectation that your store administrative path was left as “admin”. However, as leaving your path as admin is in itself a security risk the following shows how to change it to a new administrative path, for this example we will use “secureadmin”


By updating the first line of the provided in the location block you are able to update the administrative path restriction as required.

Hans-Eirik Hanifl

view all posts

Hans-Eirik Hanifl is a forward thinking e-commerce and marketing consultant. As an advocate for the free exchange of knowledge, he founded E-Commerce Gorilla as a place where like-minded individuals can ask questions and share their expertise on practical solutions in the area of e-commerce and marketing. He is the owner of TRM Marketing and an avid supporter of the open source community.

0 Comments Join the Conversation →

Leave a Reply

Stay in the loop!

E-Commerce Gorilla Avatar

Join the E-Commerce Gorilla e-mail newsletter. We provide monthly updates on new articles featuring all aspects of online sales and E-Commerce setup. We cover the do's and don'ts of effective online sales, along with great giveaways. As a newsletter subscriber you are automatically entered for any competitions and giveaways.* Join our community of engaged online marketing experts, great content, and great giveaways. You can't go wrong.