Page 1 of 1

restrict access by matching a static ip address

Posted: Sun Jul 24, 2011 11:47 pm
by ishakya
Hi all,
our team have developed a web application to a particular company.that company is accessing the web application.That company maintain a static ip to log in.They have multiple computers in side that static ip address.Users can login to the system using their user name & passwords at any time & from any where.
So company management wants to allow their users to log to the system when they comes from their company static ip address. It means they cannot access to the system from outside of the company.So can i get the company static ip address from the login page????.
This what i have been thinking.....
Store the static ip address in the users table and match the ip address with the ip address got from the login page...

So to that i need to get ip address from login page.
any idea would be great.

Thanks in advance.......

Re: restrict access by matching a static ip address

Posted: Mon Jul 25, 2011 10:50 am
by social_experiment
$_SERVER['REMOTE_ADDR'] ?

Do they want some sort of 'remember me' option with this? I don't quite understand what they have in mind

Re: restrict access by matching a static ip address

Posted: Mon Jul 25, 2011 2:12 pm
by VladSun
.htaccess
[text]order deny,allow
deny from all
allow from 11.22.33.44[/text]

Re: restrict access by matching a static ip address

Posted: Tue Jul 26, 2011 1:32 am
by ishakya
Thanks All,
social_experiment
social_experiment wrote:$_SERVER['REMOTE_ADDR'] ?

Do they want some sort of 'remember me' option with this? I don't quite understand what they have in mind
They want to restrict all the users,who are not coming from their company ip address.means users cannot access the system from different locations
yes,some sort of 'remember me' option.

VladSun
VladSun wrote:.htaccess
[text]order deny,allow
deny from all
allow from 11.22.33.44[/text]
Problem is,in my server there is another system running.Actually two systems & different users & different companies.
So i cannot allow access the server to only one ip address

Any help.......
thanks in advance.......

Re: restrict access by matching a static ip address

Posted: Tue Jul 26, 2011 6:45 am
by social_experiment
For a "remember me" option you will need an additional check, something like a cookie.

Re: restrict access by matching a static ip address

Posted: Tue Jul 26, 2011 3:06 pm
by pickle
Just a note that IPs can be spoofed relatively easily, so this restriction should not be considered a valid security measure.

Re: restrict access by matching a static ip address

Posted: Tue Jul 26, 2011 11:42 pm
by ishakya
Thanks all,
pickle wrote:Just a note that IPs can be spoofed relatively easily, so this restriction should not be considered a valid security measure.
Yes i know pickle,
But the company people wont listen to this.....
social_experiment wrote:For a "remember me" option you will need an additional check, something like a cookie.


But can u tell me how can i get the ip address from the index page.......

Thanks in advance....

Re: restrict access by matching a static ip address

Posted: Wed Jul 27, 2011 3:08 am
by VladSun
ishakya wrote:VladSun
VladSun wrote:.htaccess
[text]order deny,allow
deny from all
allow from 11.22.33.44[/text]
Problem is,in my server there is another system running.Actually two systems & different users & different companies.
So i cannot allow access the server to only one ip address

Any help.......
thanks in advance.......
http://httpd.apache.org/docs/1.3/mod/mod_access.html
Summary

The directives provided by mod_access are used in <Directory>, <Files>, and <Location> sections as well as .htaccess files to control access to particular parts of the server.

Re: restrict access by matching a static ip address

Posted: Wed Jul 27, 2011 3:52 am
by Apollo
ishakya wrote: VladSun
VladSun wrote:.htaccess
[text]order deny,allow
deny from all
allow from 11.22.33.44[/text]
Problem is,in my server there is another system running.Actually two systems & different users & different companies.
So i cannot allow access the server to only one ip address
You can just insert this .htaccess rule in the subdirectory where the site for just that one company is located. It will protect that particular directory + any subdirectories inside it.

(in the unlikely case that you're hosting two different sites in the same subdir: fix that first :))

Re: restrict access by matching a static ip address

Posted: Wed Jul 27, 2011 4:06 am
by ishakya
thanks all for your support...

But i didn't get much of that....
can u explain it more please.......

Because I'm new with php & related stuff


So any explanations will be an advantage...
thanks in advance.....

Re: restrict access by matching a static ip address

Posted: Wed Jul 27, 2011 4:35 am
by VladSun
It's not PHP - it's Apache config.
Just create a .htaccess file in the root directory of the site you want to protect and write the lines I gave you above - change the IP, of course.
Also you have to be sure that .htaccess file rules are permitted by using http://httpd.apache.org/docs/1.3/mod/co ... owoverride

Re: restrict access by matching a static ip address

Posted: Wed Jul 27, 2011 6:25 am
by ishakya
thanks vladsun,
but can u tell me how to create a .htaccess file????
thanks in advance

Re: restrict access by matching a static ip address

Posted: Wed Jul 27, 2011 6:34 am
by VladSun
As usual?!? Nothing special about it.

Re: restrict access by matching a static ip address

Posted: Wed Jul 27, 2011 10:31 am
by flying_circus
VladSun wrote:As usual?!? Nothing special about it.
I have found that windows wont let you save a file without a name. I have to create a.htaccess, upload the file, then rename it to .htaccess