L7 Admin Guard

PROTECT YOUR ADMIN PANELS WITH L7 ADMIN GUARD

L7 Admin Guard provides a convenient way to distribute access gateways configurations from server administrators to team members (editors, content managers, SEO specialists) and automatically routes traffic to protected domains.

Note: We do not provide public VPN or proxy servers. The administrator uses access gateways of their choice and transparently distributes access configuration through our service.

--------------------------------------------------

HOW IT WORKS

1. Site administrator restricts access to the admin panel using IP whitelist (only allowing their gateway IP).
2. Administrator creates a configuration on l7.run: enters site name, gateway details, expiration date (optional), and list of domains to protect.
3. A unique token (5 characters) is generated for loading the configuration.
4. Team members install this extension, enter the token, and get instant access — no complex manual network setup required.

--------------------------------------------------

WHY NOT JUST USE A VPN?

❌ WITH A VPN:
- ALL traffic goes through the VPN server (slower speed).
- Each user has to configure settings manually.
- Complex setup for temporary access.
- Affects personal streaming and downloads.
- High abuse risk (user forgets to disconnect -> torrents/movies go through your VPN server).

✅ WITH L7 ADMIN GUARD:
- ONLY protected domains go through the gateway (fast speed).
- One simple token for the whole team.
- Instantly revoke/expire tokens, change limits on the fly.
- Personal streaming is unaffected (direct connection).
- Impossible to abuse (only admin panels are routed).

Result: Your YouTube, Netflix, Google Drive, and other services work at full speed. No risk of users accidentally routing personal traffic through the VPN server.

Example: A content manager browses YouTube for product review videos for an online store. With a VPN, all traffic would go through the VPN server, consuming bandwidth and limits. With L7 Admin Guard — YouTube works directly while the store's admin panel goes through the gateway.

--------------------------------------------------

KEY FEATURES

🔐 Selective Routing
Traffic to protected domains goes through the gateway, while all other traffic (YouTube, Netflix, etc.) uses your direct connection.

👥 Easy Team Distribution
Share one token with your entire team. No need to explain connection details to each member.

⏰ Temporary Access & Flexible Limits
Grant access for a specific time and set traffic quotas. Administrator can change limits in real-time without dropping active client connections.

🔄 Smart Routing
Support for multiple gateways in one token: a Ukrainian site via a Ukrainian gateway, a German site via a German gateway.

🚀 Tech Under the Hood
Pass-through gateway architecture: gateways relay encrypted traffic between the browser and the destination server without inspecting or modifying the data. Traffic is tunneled using the standard HTTPS CONNECT method, ensuring end-to-end encryption.

🌐 Multi-language Support
Interface available in 9 languages: English, Ukrainian, Russian, German, French, Spanish, Italian, Portuguese, and Polish.

🎨 Light & Dark Themes
Choose between light and dark themes, or use system preference.

📍 Network Status Check
View your real IP and gateway IP with geolocation information.

🔒 Encrypted Configurations
Support for encrypted configurations with master password.

⚡ Quick Access
Direct links to admin panels for each protected site. Current site is highlighted in the list.

--------------------------------------------------

USE CASES

- WordPress admin panel protection
- cPanel/Plesk access restriction
- Grafana, Kibana, and other monitoring dashboards
- Custom CMS admin interfaces
- Development staging environments
- Any web application requiring IP-based access control
- Internal corporate admin tools

--------------------------------------------------

PRIVACY FIRST

- We do not collect personal data (email, names, accounts are not needed).
- The extension generates a random device installation ID (5 base36 characters).
- L7AG gateways (chosen by the administrator, can be shared, dedicated or self-hosted) operate without MITM and traffic analysis, ensuring end-to-end encryption.
- Only the fact of connection establishment (IP and random device ID) is logged to prevent abuse, and these logs are deleted after 2 weeks.
- Configurations are securely requested from the l7.run API (POST requests with HMAC signature).