<![CDATA[FrontAccounting forum — Static IP Access]]> https://frontaccounting.com/punbb/viewtopic.php?id=6512 Wed, 12 Oct 2016 02:27:55 +0000 PunBB <![CDATA[Re: Static IP Access]]> https://frontaccounting.com/punbb/viewtopic.php?pid=26588#p26588 An Apache vhosts conf file would prevent .htaccess files being compromised. Most standard OpenVZ and other templates provide examples of such configs.

Here is one from a Debian FA apache conf where the rewrite conditions above be inserted:

ServerAdmin webmaster@localhost
ServerSignature Off
ServerTokens Prod

<IfModule mpm_prefork_module>
    StartServers 2
    MinSpareServers 1 
    MaxSpareServers 2
    MaxClients          50
    MaxRequestsPerChild 100
</IfModule>

<VirtualHost *:80>

DocumentRoot /var/www/frontac

<Directory />
        Options FollowSymLinks
        AllowOverride None
</Directory>

<Directory /var/www/frontac>
        Options FollowSymLinks MultiViews
        AllowOverride None
        Order allow,deny
        allow from all
        DirectoryIndex index.php index.html
</Directory>

### Will possibly affect any other php script in it 
# <Directory /var/www/frontac/sql/>
#   Order Deny,Allow
#   Deny from All
# </Directory>

<IfModule mod_rewrite.c>
        <Location /modules/api/>
                Options -MultiViews
                RewriteEngine on
                RewriteCond %{REQUEST_FILENAME} !-f
                RewriteRule ^ index.php [QSA,L]
        </Location>
</IfModule>

# Protect sensitive files.
<FilesMatch "\.(inc|po|sh|.*sql|log)$">
    Order allow,deny
    Deny from All
    Satisfy All
</FilesMatch>

# Disable directory listings.
Options -Indexes

# Set the default index.
DirectoryIndex index.php

<IfModule mod_php5.c>
    php_flag magic_quotes_gpc Off
    php_flag register_globals Off
    php_flag session.use_trans_sid Off
</IfModule>

ErrorLog /var/log/apache2/error.log

# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn

CustomLog /var/log/apache2/access.log combined

</VirtualHost>
]]> Wed, 12 Oct 2016 02:27:55 +0000 https://frontaccounting.com/punbb/viewtopic.php?pid=26588#p26588 <![CDATA[Re: Static IP Access]]> https://frontaccounting.com/punbb/viewtopic.php?pid=26582#p26582 Something like this in a .htaccess file, assuming you're using Apache.

Options +FollowSymlinks
RewriteEngine on
RewriteCond %{REQUEST_URI} !/noway.html$
RewriteCond %{REMOTE_ADDR} !=123.45.67.89
RewriteRule $ /noway.html [R=301,L]

or you could add an iptables firewall rule, again if its a linux box.

]]> Tue, 11 Oct 2016 15:46:34 +0000 https://frontaccounting.com/punbb/viewtopic.php?pid=26582#p26582 <![CDATA[Static IP Access]]> https://frontaccounting.com/punbb/viewtopic.php?pid=26574#p26574 Is it possible to restrict Frontaccounting access from a Static IP Address?

]]> Tue, 11 Oct 2016 08:37:34 +0000 https://frontaccounting.com/punbb/viewtopic.php?pid=26574#p26574