diff --git a/compose/nginx/mn.conf.d/local.conf b/compose/nginx/mn.conf.d/local.conf
index 6598124..a9f7063 100644
--- a/compose/nginx/mn.conf.d/local.conf
+++ b/compose/nginx/mn.conf.d/local.conf
@@ -14,6 +14,18 @@ upstream robosats_daphne_websocket {
 server localhost:9000;
 }
+# Define a variable for allowed IPs
+geo $allowed_localIP {
+ default 0;
+ 192.168.0.0/16 1; # Allows access for IPs in the range 192.168.0.0/16 (192.168.0.0 ~ 192.168.255.255)
+ #192.168.x.x 1; # or use your local IP for more security and remove the above line
+}
+
+map $host $allowed_onion {
+ default 0;
+ "~*your-robotest-admin-onion-address\.onion" 1; # Allows access for your coordinator onion address
+}
+
 # now we declare our main server
 server {
@@ -42,9 +54,18 @@ server {
 }
 location /coordinator {
- # Blocks admin access from the public onion address
- if ($host ~* "robosats6tkf3eva7x2voqso3a5wcorsnw34jveyxfqi2fu7oyheasid.onion") {
- return 403; # Forbidden
+ # Denies any access by default
+ set $allow_access 0;
+
+ if ($allowed_localIP = 1) {
+ set $allow_access 1; # Allows access for local IPs
+ }
+ if ($allowed_onion = 1) {
+ set $allow_access 1; # Allows access for your coordinator onion address
+ }
+
+ if ($allow_access = 0){
+ return 403; # Access is forbidden if none of the above conditions are met.
 }
 proxy_pass http://robosats_gunicorn_rest;
diff --git a/compose/nginx/tn.conf.d/local.conf b/compose/nginx/tn.conf.d/local.conf
index 7c1fcb0..9a4b7b2 100644
--- a/compose/nginx/tn.conf.d/local.conf
+++ b/compose/nginx/tn.conf.d/local.conf
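Review bot: The `map $host $allowed_onion` pattern is unanchored and keyed on `$host`, which nginx takes from the request, so it matches any host name that merely contains the admin address and says nothing about which onion service the connection actually arrived on. At minimum anchor it, `"~*^your-robotest-admin-onion-address\.onion$" 1;`; a sturdier design would give the admin hidden service its own `listen` port and `server` block so the decision does not rest on a client-supplied header. The `geo` block also trusts all of 192.168.0.0/16, and `geo` evaluates `$remote_addr` by default, so a container bridge or front proxy that happens to sit in that range would pass for every request it relays; the single-address form in the commented-out line is the safer default. The first hunk of `compose/nginx/tn.conf.d/local.conf` is identical and needs the same changes.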
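Review bot: The three `if` blocks added to `location /coordinator` toggle a mutable `$allow_access` flag to express a plain OR, which is easy to break when a later edit adds a condition or reorders the `set` lines. Both inputs are already 0/1 variables, so the decision fits in one test: `set $allow_access "$allowed_localIP$allowed_onion";` followed by `if ($allow_access = "00") { return 403; }`. The leading comment should also say that either condition alone grants access and that the IP test is against the connecting peer address, so loopback clients (for example an SSH tunnel) are now refused. The same block is repeated in the second hunk of `compose/nginx/tn.conf.d/local.conf`; the location body continues outside the hunk.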
@@ -14,6 +14,18 @@ upstream robosats_daphne_websocket {
 server localhost:9000;
 }
+# Define a variable for allowed IPs
+geo $allowed_localIP {
+ default 0;
+ 192.168.0.0/16 1; # Allows access for IPs in the range 192.168.0.0/16 (192.168.0.0 ~ 192.168.255.255)
+ #192.168.x.x 1; # or use your local IP for more security and remove the above line
+}
+
+map $host $allowed_onion {
+ default 0;
+ "~*your-robotest-admin-onion-address\.onion" 1; # Allows access for your coordinator onion address
+}
+
 # now we declare our main server
 server {
@@ -41,12 +53,21 @@ server {
 }
 location /coordinator {
- # Blocks admin access from the public onion address
- if ($host ~* "robotestagw3dcxmd66r4rgksb4nmmr43fh77bzn2ia2eucduyeafnyd.onion") {
- return 403; # Forbidden
+ # Denies any access by default
+ set $allow_access 0;
+
+ if ($allowed_localIP = 1) {
+ set $allow_access 1; # Allows access for local IPs
+ }
+ if ($allowed_onion = 1) {
+ set $allow_access 1; # Allows access for your coordinator onion address
 }
- proxy_pass http://robosats_gunicorn_rest;
+ if ($allow_access = 0){
+ return 403; # Access is forbidden if none of the above conditions are met.
+ }
+
+ proxy_pass http://robosats_gunicorn_rest;
 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 proxy_set_header Host $host;
 proxy_redirect off;