How to Restrict Access to Nexus Repository 3 by IP Address

Nexus Repository 3 uses the Eclipse Jetty container. Jetty provides a InetAccessHandler that can be configured to restrict access by IP addresses and subnets.

Attached is a sample jetty config file that allows you to configure the InetAccessHandler using Nexus Repository 3 configuration.

To configure it:

  • Download and store the file at NEXUS_HOME/etc/jetty/jetty-ipfilter.xml, with the same permissions as the other jetty files
  • Edit NEXUS_HOME/etc/jetty/jetty-ipfilter.xml, add exclude or include addresses. The patterns allowed are described in the jetty InetAddressSet documentation.
  • Edit $WORKDIR/etc/nexus.properties, and add the new jetty file into the nexus.args: 
    nexus-args=${jetty.etc}/jetty.xml,${jetty.etc}/jetty-http.xml,${jetty.etc}/jetty-requestlog.xml,${jetty.etc}/jetty-ipfilter.xml
  • restart Nexus
Have more questions? Submit a request

0 Comments

Article is closed for comments.