I then see the Chrome "Your connection is not private" screen and when I click the "ADVANCED" link, I get the message about the security certificate being from *.umbraco.io rather than my domain. If I click the "Proceed to my domain.com (unsafe)" link, the login screen appears.
Can anyone reproduce this? Is there something I can do with that match rule to prevent it?
Restricting access to back office on LIVE by IP address
Hi there
I'm trying to use IP filtering to restrict access to the back office on our LIVE environment, and I'm following the instructions at https://our.umbraco.org/documentation/Umbraco-Cloud/Frequently-Asked-Questions/#how-can-i-control-who-accesses-my-backoffice-using-ip-filtering
These instructions use this match rule, which all looks good:
We're launching without SSL at the moment, while we arrange the certificate (procurement process a bit complex at the client end). If I go to http://mydomain.com/umbraco, I get the 403 error as expected. However, if I go to http://mydomain.com/umbraco/#/login it does an automatic redirect to the SSL version at https://mydomain.com/umbraco/#/login
I then see the Chrome "Your connection is not private" screen and when I click the "ADVANCED" link, I get the message about the security certificate being from *.umbraco.io rather than my domain. If I click the "Proceed to my domain.com (unsafe)" link, the login screen appears.
Can anyone reproduce this? Is there something I can do with that match rule to prevent it?
Many thanks all,
Mike
is working on a reply...