How to configure IP Limit for admin user in DirectAdmin 1.6

This article will introduce you to a Limit IP script for User admin that DirectAdmin supports to limit admin users to login with the IP that was previously allowed to be able to log in, it means outside the allowed IP will not be able to log in.

Overview

Limiting IP will usually limit all accompanying users, leading to very difficult security. In this article, AZDIGI will guide you to Limit IP for a specific admin user who will be logged in with the specified IP, when Limit IP for User admin with a specific IP will increase security more when information is leaked.

To do this, we must first have a fixed and almost unchanged access IP. Because the IP already allows login with user: admin, but changing to another IP will not be able to log in.

To have a fixed static IP, you need to do the following:

To know your IP, visit the link ipecho.net to get the IP.

1. Use VPS setup into a connected VPN network.
2. Rent a static IP from your ISP.

To IP limit for the admin user in DirectAdmin 1.6, perform the following steps.

Implementation Guide

Step 1: Create a custom script Limit IP for the admin user

SSH into the DirectAdmin server and access the custom directory at /usr/local/directadmin/scripts/custom/. Then you create a file all_pre.sh

cd  /usr/local/directadmin/scripts/custom/
touch  all_pre.sh
chmod 700 all_pre.sh
    

Now insert the Limit IP script for User admin with the content below with the command vi all_pre.sh

#!/bin/sh
USERTYPE=`grep usertype= /usr/local/directadmin/data/users/${username}/user.conf | cut -d= -f2`
if [ "${USERTYPE}" = "admin" ]; then
   if [ "$caller_ip" = "45.252.248.109" ]; then
       exit 0;
   fi
if [ "$caller_ip" = "103.221.220.134" ]; then
       exit 0;
   fi
#repeat the check on the IP as many times as desired. ==> thêm nhiều IP thêm theo mẫu trên
echo "IP $caller_ip is not allowed to be logged in as an Admin";
   exit 1;
fi
exit 0;

According to the above script, user: admin can only log in with two IPs: 45.252.248.109 and 103.221.220.134.

Step 2: Update the IP limit script configuration for the admin user

After performing the full steps above, next you need to update the configuration for Directadmin to take effect and run the script.

cd /usr/local/directadmin/custombuild
./build update_script
./build rewrite_confs

And finally, build rewrite_confs to finish.

cd /usr/local/directadmin/custombuild
./build rewrite_confs

Summary

Hopefully, this article will be helpful for you to enhance security, as limiting IP for the admin user prevents login information from being compromised. Wishing you success!

See more useful articles about DirectAdmin at the following link:

• Summary of instructions for using DirectAdmin.

If you need assistance, you can contact support in the ways below:

• Hotline 247: 028 888 24768 (Ext 0)
• Ticket/Email: You use the email to register for the service and send it directly to: support@azdigi.com .