I want to use nginx for local development. This means I want to prevent other machines from being able to access my web server so it can only be accessed via localhost.
Under the server settings in sites-enabled/default I changed my code to
location / {
# First attempt to serve request as file, then
# as directory, then fall back to index.html
allow 127.0.0.1;
deny all;
try_files $uri $uri/ /index.html;
}
Is there anything else I need to do to prevent third parties from accessing my web server?
On the NGINX side no, depending on how secure you want it to be you may also want to block port 80 (Or whatever port NGINX is running on) from any IP except local host, or use a non-default port (Something in the 8000-10000 range).