disabling access to admin panel via http and port 81 (after config the proxy to it) to avoid brute forcing... how?

[posta246]

Hi,
how can configure a public npm istance so that the admin panel on 81 port cannot be access via http but only via the proxy itself?
I mean, of course I can easily create in npm an entry (f.e.) proxy.mydomain.com via https, but someone can try to access to myDomain:81 via http anyway! should I do it via iptables, forcing access to port 81 only via localhost (so npm itself can work)? Ideas? Best practises?

[chaptergy]

Create the proxy host as you said as something like proxy.mydomain.com targeting localhost on port 81. Then you can edit the docker-compose file and remove the line

ports:
    - '81:81'  # Remove this line

That way the admin panel will not be exposed to the outside of the container and only be accessible through the proxy host. If your npm instance ever breaks and the normal proxy host is not available, you can re-add that line to temporarily access it via port 81 once again.

[posta246]

ok, just tested and of course it works but please note - just for the record - you have to set the proxy host with
hostname/ip address = localhost (maybe 127.0.0.1 works too)
port = 81
Leaving the ip address of the host does not work.
I hope it helps!
Thanks a lot, really!
Do not if the main developer will see this, maybe a couple of line in the config pages may help future adopters!

[hrefff]

in my case
hostname/ip address = localhost # does not work
hostname/ip address = 127.0.0.1 # works