Page 1 of 1
Restrict access PC wise ...
Posted: Thu Nov 30, 2006 4:14 pm
by ab4net
hi all,
am developing a program for exchange company, there request is to make the website (program directory) accesseble only from certain pc's
so the employee cant log from home, and make un-wanted transfers ...etc
i dont know how to do it, but i know it is possible, because western union doing the same !! and they can restrict to telephone number (there program 100% an online page) i checked it ...
the idea here, (dont know if works) to give them a CD, with an EXE file, when they run the small application it creates a directory as example c:/tnt/locker/auth/system.txt, and to make my page reads the file, if it is not available it then dosent allow the access !!
is that possible or is there any ideas ??
thanks to all in advance ...
Posted: Thu Nov 30, 2006 5:09 pm
by Ambush Commander
Simple. Set Apache to deny all requests that are outside the intranet.
Posted: Fri Dec 01, 2006 3:43 am
by ab4net
thanks,
cant do so, because it is shared hosting.
any other ideas ???
Posted: Fri Dec 01, 2006 4:49 am
by theFool
I guess it is really hard, probably impossible, to establish a fail-safe authentification if you're not allowed to edit the htaccess files of the webserver.
If your company has a fixed IP for their internet connection, you could try to read the IP address, with $_SERVER[''REMOTE_ADDR''] but an attacker might fake this.
Looks like your company should think about at least a managed server with full administration webserver.
Posted: Fri Dec 01, 2006 7:40 am
by Mordred
theFool wrote:...read the IP address, with $_SERVER[''REMOTE_ADDR''] but an attacker might fake this.
How?
Posted: Fri Dec 01, 2006 7:49 am
by sike
Posted: Fri Dec 01, 2006 8:18 am
by ab4net
is there a way to make the page (php) which is online to make it able to read a TXT file at the computer ?
even if a message should be appeared to the user, is there any way to do so?
Posted: Fri Dec 01, 2006 9:11 am
by theFool
Mordred wrote:theFool wrote:...read the IP address, with $_SERVER[''REMOTE_ADDR''] but an attacker might fake this.
How?
Dunno, I am not a hacker ^^.
IP spoofing would be possible then, but I cannot say how difficult it is to do so.
I haven't used Remote_addr before but maybe you can supress, fake it like HTTP_Referer but as I think about it now, I'll rather doubt it.

Posted: Fri Dec 01, 2006 10:56 am
by ab4net
i think i have to do it with active x controls ...
but is it possible is the server apache and dosent support microsoft,
and is there any one can advice an idea ..? in this field ...
active x
regards,
Posted: Fri Dec 01, 2006 11:25 am
by aaronhall
Can't use .htaccess Deny/Allow?
Posted: Fri Dec 01, 2006 11:29 am
by Burrito
if someone can spoof an ip, it's not going to matter whether you deny / allow by ip via apache or php. a denied ip is a denied ip.
I'd try to go the .htaccess route if you can and if that wont' work, then write some code into your php to check against the ip address of the visitor.
Posted: Fri Dec 01, 2006 3:36 pm
by timvw
ab4net wrote:thanks,
cant do so, because it is shared hosting.
any other ideas ???
Why would you host an intranet site on the worldwide web in the first place???
Overhere our identity cards are smartcards.. And authentication is performed with a public/private key on the card...
Posted: Fri Dec 01, 2006 3:39 pm
by ab4net
seems great idea,
can you please tell me more about it,
i need to know the following pelase if you can,
if i build online server, IIS
and enabled the php and mysql on it,
how to use the smatcard, and how to set it and ... etc ...
can you guide me or send me to a good DETAILED step by step tutorial

i think i can convence them to have there own host
thanks in advance ...
Posted: Sat Dec 02, 2006 1:42 am
by timvw