diff --git a/scripts/craftshop-netbird.conf b/scripts/craftshop-netbird.conf
new file mode 100644
index 0000000..8e56562
--- /dev/null
+++ b/scripts/craftshop-netbird.conf
@@ -0,0 +1,33 @@
+# Nginx для доступа к админке через Netbird
+# Размещается на сервере в /etc/nginx/sites-available/craftshop-netbird
+# с симлинком в /etc/nginx/sites-enabled/
+
+server {
+    listen 100.109.3.6:80;
+    server_name 100.109.3.6;
+
+    root /opt/craftshop/www;
+    index index.html;
+
+    client_max_body_size 100M;
+
+    location /api/ {
+        proxy_pass http://127.0.0.1:3333;
+        proxy_http_version 1.1;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+
+    location /uploads/ {
+        proxy_pass http://127.0.0.1:3333;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.html;
+    }
+}
diff --git a/scripts/deploy-auto.sh b/scripts/deploy-auto.sh
index 84cdb09..af0de4a 100644
--- a/scripts/deploy-auto.sh
+++ b/scripts/deploy-auto.sh
@@ -202,6 +202,24 @@ if [[ "$changed_server" == true ]]; then
     remote_exec bash -lc "$DEPLOY_RESTART_CMD"
   fi
 
+  echo ">>> Настройка Nginx для Netbird-доступа к админке"
+  remote_exec bash -lc "set -e
+    if ! command -v nginx &>/dev/null; then
+      echo 'Установка nginx...'
+      apt-get update -qq && apt-get install -y -qq nginx
+    fi
+    mkdir -p /etc/nginx/sites-available /etc/nginx/sites-enabled
+    rm -f /etc/nginx/sites-enabled/default
+  "
+
+  cat "$ROOT/scripts/craftshop-netbird.conf" | remote_exec tee /etc/nginx/sites-available/craftshop-netbird > /dev/null
+
+  remote_exec bash -lc "set -e
+    ln -sf /etc/nginx/sites-available/craftshop-netbird /etc/nginx/sites-enabled/
+    nginx -t && systemctl reload nginx || systemctl restart nginx
+    systemctl enable nginx
+  "
+
   echo ">>> Сервер задеплоен"
 fi
 
diff --git a/server/src/plugins/auth.js b/server/src/plugins/auth.js
index 51016c1..4fe9231 100644
--- a/server/src/plugins/auth.js
+++ b/server/src/plugins/auth.js
@@ -22,7 +22,6 @@ export function registerAuth(fastify) {
 
       if (allowedList.length > 0) {
         const reqIp = normalizeIp(request.ip)
-        request.log.info({ reqIp, rawIp: request.ip }, '[auth] admin IP check')
         const isAllowed = allowedList.includes(reqIp) || allowedList.some((entry) => cidrMatch(reqIp, entry))
         if (!isAllowed) {
           return reply.code(403).send({ error: 'Доступ с данного IP запрещён' })