Author
|
Message
|
John Smith
|
Friday 27 November 2009 12:54:16 am
Hi guys, Hope someone can help me. What is the best way to protect the following URL from public. http://www.xxxx.com/xx_admin/user/register I dont want to disable registration module for administration interface. Cheers,
|
Damien Pobel
|
Friday 27 November 2009 1:11:39 pm
Hi John, you could try to add the following lines to the site.ini.append.php file of siteaccesses where you want to disable user/register view :
[SiteAccessRules]
Rules[]
Rules[]=access;enable
Rules[]=moduleall
Rules[]=access;disable
Rules[]=module;user/register Cheers
Damien
Planet eZ Publish.fr : http://www.planet-ezpublish.fr
Certification : http://auth.ez.no/certification/verify/372448
Publications about eZ Publish : http://pwet.fr/tags/keywords/weblog/ez_publish
|
John Smith
|
Saturday 28 November 2009 2:12:32 am
Cheers, mate, I do not want to disable the registration view, looking to protect it from certain IP addresses. Anybody else please?
|
Damien Pobel
|
Saturday 28 November 2009 3:15:26 am
I don't think you cannot do that directly in eZ Publish without modifiying kernel/user/register.php or by writing your own view in an extension to register users. If you use Apache, you can also set up some rewrite rules that filters the access to /user/register based on the IP.
Damien
Planet eZ Publish.fr : http://www.planet-ezpublish.fr
Certification : http://auth.ez.no/certification/verify/372448
Publications about eZ Publish : http://pwet.fr/tags/keywords/weblog/ez_publish
|
Sylvain Gogel
|
Monday 30 November 2009 2:15:12 pm
I agree with Damien, it's not something you can easily acheave at application level, but Apache rewrite rules can do. At ezpublish you can create your own register module that will call the user/register view and add a security check before running if.
--
http://www.ecedi.fr
Agence Web, Créa/Conseils, Accessibilité
eZPublish, Drupal, Zend, Symfony
|
John Smith
|
Tuesday 08 December 2009 4:21:13 am
So this means, there is no way we can protect the following URL from Anonymous Users in out of the box solution. http://www.xxx.com/xx_admin/user/register Anyone can register if you know the URL... EzCrew any possible quick solution?
|
Gaetano Giunta
|
Tuesday 08 December 2009 7:29:43 am
it's about roles and policies - to block anon user registration you will have to alter some settings in an override of sinte.ini. Search for this text in the default site.ini for more details: # A list of module or module/views that don't require user login
AnonymousAccessList[]
Principal Consultant International Business
Member of the Community Project Board
|