Restrict the Access to the Admin Interface

Author Message

Günther Lackner

Thursday 20 October 2005 6:32:40 am

Hi!

I need to restrict the access to the back end. Is there a possibility to only allow an IP address range? Or is it possible to bind the admin interface to a certain port?

thanks 4 your help!
lacky

Björn [email protected]

Thursday 20 October 2005 9:48:24 am

Yes you can do that... but it is nothing you can do within ez publish

You will need to use apache for this. Have a look in the apache docs

Looking for a new job? http://www.xrow.com/xrow-GmbH/Jobs
Looking for hosting? http://hostingezpublish.com
-----------------------------------------------------------------------------
GMT +01:00 Hannover, Germany
Web: http://www.xrow.com/

Marko Žmak

Thursday 20 October 2005 10:18:30 am

Just for the info, why do you want to restrict access to some IP adresses? Doesn't the user and roles system in eZ provide enough functionality?

--
Nothing is impossible. Not if you can imagine it!

Hubert Farnsworth

Günther Lackner

Friday 21 October 2005 1:21:30 am

It is a security matter. If I make the admin interface only reachable at an specific PORT, I can restrict the access to this PORT in the firewall. So nobody can even access the admin page. Just computers which I can trust.

lacky

Marko Žmak

Friday 21 October 2005 11:37:35 am

Well you could do this with "Location" (or "LocationMatch") and "Alow/Deny" directives in Apache. Something like this:

<Location index.php/my_ez_site/admin/*>
Order Deny, Allow
Deny From All
Allow From <your_ip_list>
</Location>

but check the correct syntax fo these directives, I haven't been using them for quite a while.

And there's no need for binding the admin interface to another port.

--
Nothing is impossible. Not if you can imagine it!

Hubert Farnsworth

Powered by eZ Publish™ CMS Open Source Web Content Management. Copyright © 1999-2014 eZ Systems AS (except where otherwise noted). All rights reserved.