Hi folks, I just bought my first mikrotik router (ethernet ports only). I have a linksys router with dd-wrt , so --- I understand security a little bit, and do on occasion ---I write iptables rules .
I tried looking up how to limit external access to my router from a public ip and I found code, that I DON"T UNDERSTAND WHERE /HOW to implement it.

/user set 0 allowed-address=x.x.x.x/yy


Keep in mind that I use a web browser to access router OS, as I only use linux computers.
Thanks.

I would not suggest direct access from public IP.
I recommend to set up a VPN with the mikrotik and connect via winbox or browser.
IMHO browser has problematic functionality so I suggest you get a win vm on your linux just for winbox.

If you need help with VPN there are many tutorials in wiki.
I suggest to follow SSTP with certificates and Road Warrior (RW) client as a start and then see if you can implement IKEv2 with RW client as well.

You can also use Wine to utilize WinBox on Linux, Unix and MacOS.

You can use WINE and run Winbox so you can get the "good" graphical experience from the router, you can also use SSH to get into the router.

The command you found is fine to drop into the terminal replacing your LAN range with the XXXX/YY figures.

The command in short allows user 0 (default admin) to only be allowed from the IP range you are giving it. This is OK but once you find your feet a bit more you will probably want to block these connections with the firewall rather than disallowing them by local IP range. The local IP range option is great if you are an admin and don't want your LAN/co-workers trying to gain access.

***Also welcome to the world of MikroTik where anything is possible and the learning curve is steep.