I have installed successfully the BitwardenRS in my home local server. I have connected this vault to a subdomain and I want to access in my vault only from this subdomain. I have tested that if I request to my public IP address in the vault’s port, Bitwarden works and from local server’s IP. I want to reject all these requests and accept only to the specific domain (this subdomain is set to data/config.js - the vault subdomain) or to redirect all these requests to the subdomain vault. How I can do this?
I have the same setup as yours, I host Bitwarden from a home server.
Besides the fact that you may consider exposing it to Internet so that you can access it when outside (especially on mobile devices), the place where you block the access should be the router. This is where you will forward (or rather in your case - not forward) the external port (available from Internet) to the port exposed by Bitwarden.
I am not sure which kind of limitation you would like to have based on a domain. Do you mean the domain associated to the address you connect from (being in Internet)? This is not something you can do directly with Bitwarden, you would need to go though a reverse proxy (nginx, apache, caddy, traefik, …) and set a filter then based on a lookup of the IP. This is quite unusual, though.
I finally setup a reserve proxy and I have access only from specific devices for security reasons, full access and error logs, proxy logs and all ok! Additionally, with cloudflare security is better.