Tags:
create new tag
view all tags

Question

Brainstorming Idea: IP Access Control

It would be nice if it is possible to define ip-addresses next to users and groups to have acces to a web or topic. In that case everybody from inside the company would be allowed to view and change topics about the organization without the need to logon!

-- HarrytSchimmel - 04 Jun 2008

Answer

ALERT! If you answer a question - or someone answered one of your questions - please remember to edit the page and set the status to answered. The status selector is below the edit box.

This could be done with a plugin (see for example BlackListPlugin), but it can be done much easier with Apache directives. Untested example, showing a subnet restriction on 3 bytes of an IP address:

Order Deny,Allow
Deny from all
Allow from 12.23.56

Caution: IP addresses can be forged, see Wikipedia:IP_address_spoofing. A safer way is to establish a VPN tunnel between a hosted site and the internal network.

-- PeterThoeny - 04 Jun 2008

What if you don't want to deny from all but want to grant editing capabilities based on the ip?

-- HarrytSchimmel - 09 Jun 2008

I think that can be done with the Require directive of Apache. Consult the Apache docs, or ask in an Apache support forum.

(I moved this question from the Plugins web to the Support web.)

-- PeterThoeny - 09 Jun 2008

Change status to:
Edit | Attach | Watch | Print version | History: r6 < r5 < r4 < r3 < r2 | Backlinks | Raw View | Raw edit | More topic actions
Topic revision: r6 - 2008-08-02 - PeterThoeny
 
  • Learn about TWiki  
  • Download TWiki
This site is powered by the TWiki collaboration platform Powered by Perl Hosted by OICcam.com Ideas, requests, problems regarding TWiki? Send feedback. Ask community in the support forum.
Copyright © 1999-2024 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.