Take a look at the Apache config in your Gluu Server instance. The key is to have an ethernet interface on the Gluu Server that is not public. Add an Apache `Listen` directive for this non-public interface. Then use the `virtualhost` directive for `/identity`, making sure it uses the interface that is private. You can use ssh tunnel to access the `/identity` admin website, or a VPN depending on your network setup. @Mohib.Zico can point you to a doc. But this topic is really basic linux system admin stuff, and not specific to Gluu in particular.

Here is the doc: https://www.gluu.org/docs/gluu-server/4.2/operation/security/#securing-oxtrust Also, recorded a screencast for one customer couple of weeks ago as well: https://www.youtube.com/watch?v=y14BqoheOiI&t=7s&ab_channel=MohibZico