-
Notifications
You must be signed in to change notification settings - Fork 4.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
What's the best practice let the other people forbidden admin api? #1593
Comments
The ngx_http_access_module module allows limiting access to certain client addresses, doc |
route admin api through Kong itself and then apply whatever plugins you want to secure it |
@Tieske It's cool! Could you give an example for route? Rewirte the location in
|
yep, something like that ought to do it. But don't forget to add plugins and security! |
Let Linxu iptables closed the admin port what is the best simple work. |
Apply IP restrictions in nginx conf (new releases eases it), firewall I was wondering if nodes could have roles, so that admin role could be
|
We have published a doc that highlights some of the best practices we suggest when considering securing the Admin API: https://getkong.org/docs/0.10.x/secure-admin-api/ |
What's the best practice let the other people forbidden admin api?
The text was updated successfully, but these errors were encountered: