Hi, I’m working on improving the security of my home server.
I want to use the Bitwarden app and the Chrome/Firefox extensions outside my LAN, but I don’t need Web Vault at all. How do I block access to Web Vault from outside the LAN in the Caddyfile?

pass.my-domain {
    @block_webvault_outside {
        not remote_ip 192.168.1.0/24 10.8.0.0/24
        
        # What should be there?
        # path /admin* will lock only admin options
    }

    respond @block_webvault_outside 403
    reverse_proxy vaultwarden:80
}
    • relaymoth@sh.itjust.worksEnglish
      1·
      21 days ago

      You’re right.

      If you login to Vaultwarden and access the Web vault, is there a path like /admin you can add to your blocked paths config?