SOLVED: Secure your admin by IP address filtering

Author Message

Andreas Kaiser

Thursday 05 March 2009 4:38:32 am

Hi,

One of our clients (with uri configuration) wanted to limit the access to administration interface to their company IPs (fixed).

So we added to the vhost file following lines:

        <Location /admin_site_access_name>
                Order deny,allow
                Deny from all
                Allow from 10.1.0.128/27 # internal IP range of customer
        </Location>

Original author: http://rimann.org/blog/2008/10/secure-your-typo3-backend-by-ip-address-filtering/

In our servers this configuration is working and should be compatible with other ez publish installations, but of course we can't ensure this works for all installations...

eZ Partner in Madrid (Spain)
Web: http://www.atela.net/

Genri Moshkovich

Thursday 05 March 2009 5:09:42 am

Nice solution! Can be useful for our projects...

Thanks, Andreas!

Best regards,
Genri Moshkovich

Jean-Yves Zinsou

Thursday 05 March 2009 6:14:21 am

Hi there,

Please note that this is a apache config, so it checks the part of the url just after the host name without knowing if it is a physical folder or a site access.
2 cases :
1 - ez running in virtual host mode :
http://<hostname>/<siteaccess>

-> works fine

2- ez running in uri mode:
http://<hostname>/<folder>/index.php/<siteaccess>

-> Wont work

Just to avoid further posts asking why their uri mode ez installation not working with this setting.
;-)

Do Androids Dream of Electric Sheep?
I dream of eZpubliSheep....
------------------------------------------------------------------------
http://www.alma.fr

Andreas Kaiser

Thursday 05 March 2009 6:23:28 am

Thanks Jean-Yves,

You are 100% right, sorry for not posting a more deeper explanation...

eZ Partner in Madrid (Spain)
Web: http://www.atela.net/

Powered by eZ Publish™ CMS Open Source Web Content Management. Copyright © 1999-2014 eZ Systems AS (except where otherwise noted). All rights reserved.