Free Limit Windows Application Login to Specific IPs

craigbrass · 12:11 PM

Open /winapp/index.php and right after the copyright information, add the following :-

Code:

$listofauthorizedips = array('222.222.222.222','222.222.222.222');
if (!in_array($_SERVER['REMOTE_ADDR'], $listofauthorizedips)) {
	die('You are not authorized to use the windows application.');
}

Simply replace the IPs with the ones you wish to authorize.

jnet · 09-07-2008, 02:56 PM

thanks I will try that

Siora · 09-07-2008, 04:50 PM

How does this mod work regarding agents connected to a router or those that don't know the main IP address, they only know their local IP address.

***John Haugeland*** · 09-07-2008, 09:23 PM

It would be far more appropriate to implement something like this in a .htaccess rule, which will correctly handle resolving rDNS, alternate network identity encodings, alternate IP address encodings and so forth, rather than to alter the application.

We do not recommend this modification.

***John Haugeland*** · 09:52 PM

Ryan says I should clarify why I'm asking customers to do things in a different way than the application does.

1) We can't put stuff in .htaccess for several reasons. First off, some webservers don't support .htaccess, or have it turned off, or limit how it can be used, or etc. We also can't be certain that any given webserver is using them, and it's not really acceptable for our code to make security assumptions about driving webservers. End users know what webserver they're using and how it's configured, and as such do not have this limitation.

2) We don't want people modding their desks if it's not necessary, especially for security stuff, for several reasons. Besides that we can't check the work, it also means that every time the desk is updated, the change goes away. Especially for security related topics, things should not need to be remembered.

3) It's a lot easier for an end user to check if .htaccess is correct.

4) .htaccess will be a lot faster.

Craig's fix is generally correct, but users can't do the same things that staff do, particularly because upgrading wipes out changes you make that aren't in the main tree.

We continue to recommend a .htaccess driven solution.

GoneShootin · 28-07-2008, 04:29 PM

John

Do you have an example htaccess file that can be used as a base to implement such a task? I raised a similar question here and was pointed to this thread.

craigbrass · 28-07-2008, 08:48 PM

htaccess way is as follows.

Code:

Order Deny,Allow
Deny From All
Allow From 1.2.3.4
Allow From 1.2.3.4

Add additional lines for additional IPs.

***John Haugeland*** · 28-07-2008, 09:11 PM

Craig posted a correct answer, but it looks like vBulletin may have mangled it slightly.

Here's a manpage.

GoneShootin · 28-07-2008, 10:06 PM

Thanks craig et al.

craigbrass · 29-07-2008, 09:29 AM

Your welcome. Glad I could be of help.

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Display Modes	Rate This Thread
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode	Rate This Thread:

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Setting up e-mail parsing using POP3 (or IMAP) on Windows 2003 Server	bardfor	E-mail Piping Issues	6	12-08-2008 04:00 AM
Windows update KB944533 causes LiveResponse application crash	Jamie Edwards	News and Announcements	0	13-02-2008 11:17 PM
Limit staff from connecting using the Desktop Application	Thijs	LiveResponse Desktop Application	12	01-02-2008 11:32 PM
Free Limit Windows Application Use to Specific Users	craigbrass	Modifications & Addon Releases	0	01-02-2008 02:53 PM

jnet Offline Member Posts: 494 Join Date: Mar 2008	09-07-2008, 02:56 PM thanks I will try that Smart magnetic card reader Reflective tape

Siora Offline Member Posts: 1,279 Join Date: Apr 2007 Location: Toronto Canada	09-07-2008, 04:50 PM How does this mod work regarding agents connected to a router or those that don't know the main IP address, they only know their local IP address. Siora Solutions Inc. www.sioraIT.com

GoneShootin Offline Member Posts: 121 Join Date: Jan 2008	28-07-2008, 04:29 PM John Do you have an example htaccess file that can be used as a base to implement such a task? I raised a similar question here and was pointed to this thread. http://img251.imageshack.us/img251/4743/realmenrm7.gif

craigbrass Offline Senior Member Posts: 5,245 Join Date: Jun 2005 Location: Cumbria, UK	28-07-2008, 08:48 PM htaccess way is as follows. Code: Order Deny,Allow Deny From All Allow From 1.2.3.4 Allow From 1.2.3.4 Add additional lines for additional IPs. Craig Brass - Kayako Forum Squatter (Note: I am NOT a staff member) Icon Headquarters - Its Elixir - Web2Messenger

GoneShootin Offline Member Posts: 121 Join Date: Jan 2008	28-07-2008, 10:06 PM Thanks craig et al. http://img251.imageshack.us/img251/4743/realmenrm7.gif

craigbrass Offline Senior Member Posts: 5,245 Join Date: Jun 2005 Location: Cumbria, UK	29-07-2008, 09:29 AM Your welcome. Glad I could be of help. Craig Brass - Kayako Forum Squatter (Note: I am NOT a staff member) Icon Headquarters - Its Elixir - Web2Messenger