How to disable access to anyone not coming from a specific IP address

Installation
1

I would like to block access to my discourse forum until it is ready but would like to have access to only few IP address so that our team can work on forum.

I do know below options can be enable but I want my team to see forum like regular user until it is ready and work on content.
settings->login
Public registration is disabled, all new users must be explicitly invited by trusted users or staff.
Require authentication to read content on this site, disallow anonymous access.

When outside user(non approved IP address) visit my site they should see nothing there.

Thanks for your help!

1 Like
2

If you use the setup wizard that launches after first install, you can select a private instance in one of the first steps. If you need to re-run the wizard you can do so at /wizard

3 Likes
3

If you really want to limit access by ip then you could use iptables or nginx rules.

4

This will not show posts to users I want, they need to login to see content. It is similar to enabling 2 options which I mentioned in my above post.

I dont know how to do that. could you please provide steps.

5

Easy. Set forum to private as Jeff suggests and then approve access to only your setup team. If you don’t approve others they will only see the login screen. You can set permissions to categories by group if you need further granularity.

1 Like
6

You don’t like the discourse solution, so it’s a sysadmin issue. You can Google stuff like “block ip with iptables” or ‘limit ip access nginx". You might try’ “ufw” instead of iptables.

If you have a budget I might be able to help. My contact info is in my profile.

4 Likes
7

Another way to do it is to remove the dns A record for the forum and have your testers hard code the ip on their machines.

8

@pfaffman thank you for the pointers.

I fixed it :slight_smile: Here is solution in case someone needs it.

  1. ./launcher enter app from /var/discourse folder
  2. Go to '/etc/nginx/ folder and create file ‘whitelist-ip.conf’
  3. add below lines in ‘whitelist-ip.conf’ file
    allow 192.168.1.1;
    deny all;
  4. open /etc/nginx/conf.d/discourse.conf
  5. go to line no 37 see below section, it is for port 443
    server {
    include /etc/nginx/whitelist-ip.conf;
    }
  6. add line ‘include /etc/nginx/whitelist-ip.conf;’
  7. Test NginX configuration by running command ‘nginx -t’
  8. run ‘service nginx reload’

Try now, it will show not found page. no page related to discourse. from whiteliet ip address it will show normal forum.

4 Likes
9

Nice work!

And note that when you rebuild the container those changes will go away. This can be ether a bug or a feature!

1 Like
10

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.