
Blocking access to Joomla, WordPress, phpMyAdmin Administrator Pages through iptables


I am trying to write an iptables rule that blocks a specific IP address from accessing the administrative consoles of Joomla, WordPress and phpMyAdmin.

For instance, with the following rule, I block all TCP access to port 8080 (Apache Tomcat).

    sudo iptables -A INPUT -p tcp -s 172.24.21.133 --dport 8080 -j DROP

This will block access to the service running on port 8080.

But now, if Joomla, WordPress and phpMyAdmin are all running on port 80, is there any additional parameter that I can specify to block access to only one service among Joomla, WordPress or phpMyAdmin? Or should I assume that if I block access to one service, I will have to compromise on the other two?


Solution

  • iptables does not (to my knowledge) have any module for matching based on the URL inside an HTTP packet. Your best bet would be to use IP-based access control in your webserver configuration. If you are using Apache, you would use rules something like this in an .htaccess file in your Joomla/WordPress/phpMyAdmin directory:

    Order allow,deny
    Deny from 172.24.21.133
    Allow from all
    

    This will prohibit HTTP access to anything in those directories from that specified IP address. You can also have multiple Deny lines to block multiple IP addresses.
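
The same per-address block written for Apache 2.4, scoped to the administrative URLs only rather than to each whole application directory. This is an added example, not part of the original answer. The URL paths (`/administrator`, `/wp-admin`, `/wp-login.php`, `/phpmyadmin`) are assumed default install locations and must be adjusted to the actual site layout.

```apache
# Added example: Apache 2.4 syntax (mod_authz_core), replacing the
# 2.2-era Order/Allow/Deny directives.
# Assumption: the three applications are installed at their default URL
# paths under one virtual host listening on port 80.

# Joomla back end (assumed path: /administrator)
<LocationMatch "^/administrator(/|$)">
    <RequireAll>
        # Everyone is allowed ...
        Require all granted
        # ... except the one blocked source address.
        Require not ip 172.24.21.133
    </RequireAll>
</LocationMatch>

# WordPress dashboard and login script (assumed paths)
<LocationMatch "^/(wp-admin(/|$)|wp-login\.php$)">
    <RequireAll>
        Require all granted
        Require not ip 172.24.21.133
    </RequireAll>
</LocationMatch>

# phpMyAdmin (assumed path: /phpmyadmin)
<LocationMatch "^/phpmyadmin(/|$)">
    <RequireAll>
        Require all granted
        Require not ip 172.24.21.133
    </RequireAll>
</LocationMatch>
```

`<LocationMatch>` is not permitted in .htaccess files, so these blocks belong in the server or virtual host configuration; run `apachectl configtest` before reloading. If Apache sits behind a reverse proxy or load balancer, it sees the proxy's address rather than the client's, and the match will not fire unless the real client IP is restored first.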