By: Eli Sy user 08 Sep 2020 at 6:27 p.m. CDT

2 Responses
Eli Sy gravatar
I want to prevent the admin console from being public. I would also want to know how to do this using nginx.

By Michael Schwartz Account Admin 08 Sep 2020 at 8:40 p.m. CDT

Michael Schwartz gravatar
Take a look at the Apache config in your Gluu Server instance. The key is to have an ethernet interface on the Gluu Server that is not public. Add an Apache `Listen` directive for this non-public interface. Then use the `virtualhost` directive for `/identity`, making sure it uses the interface that is private. You can use ssh tunnel to access the `/identity` admin website, or a VPN depending on your network setup. @Mohib.Zico can point you to a doc. But this topic is really basic linux system admin stuff, and not specific to Gluu in particular.

By Mohib Zico staff 08 Sep 2020 at 11:06 p.m. CDT

Mohib Zico gravatar
Here is the doc: https://www.gluu.org/docs/gluu-server/4.2/operation/security/#securing-oxtrust Also, recorded a screencast for one customer couple of weeks ago as well: https://www.youtube.com/watch?v=y14BqoheOiI&t=7s&ab_channel=MohibZico