Restrict IP address to admin site


Hi all,

I’m trying to apply an IP restriction to admin site. Ex: only ip can access admin site.
I tried below setting in securiy.yml but it does not work:

- { path: ^/admin/, role: IS_AUTHENTICATED_ANONYMOUSLY, ips: [] }
- { path: ^/admin/, role: ROLE_ADMIN }

Please help.


Why don’t you try it with an htaccess rule?


i need it easy for maintenance then i put it there
thanks @scrummer for your point. i’m going to try it.


Just force the use of 2 Factor Auth. It’s way better and more secure. Maybe add htaccess also.