====== NginX - Restrict Nginx to the Private Network ======
sudo vi /etc/nginx/sites-enabled/default
Inside, find the **listen** directive. You should find it twice in a row towards the top of the configuration:
server {
listen 80 default_server;
listen [::]:80 default_server ipv6only=on;
. . .
}
At the first listen directive, add your web server's private IP address and a colon just ahead of the 80 to tell Nginx to only listen on the private interface. We are only demonstrating IPv4 forwarding in this guide, so we can remove the second listen directive, which is configured for IPv6.
In our example, we'd modify the listen directives to look like this:
server {
listen 192.0.2.2:80 default_server;
. . .
}
Save and close the file when you are finished. Test the file for syntax errors by typing:
sudo nginx -t
If no errors are shown, restart Nginx to enable the new configuration:
sudo service nginx restart