• From: Pakistan, Karachi
  • Registered: 03/03/2015
  • Posts: 654

Topic: Static IP Access

Is it possible to restrict Frontaccounting access from a Static IP Address?

www.boxygen.pk

boxygen's Website

2 Reply by cambell (edited by cambell 10/11/2016 03:48:09 pm)

  • From: New Zealand, Wellington
  • Registered: 06/19/2014
  • Posts: 128

Re: Static IP Access

Something like this in a .htaccess file, assuming you're using Apache.

Options +FollowSymlinks
RewriteEngine on
RewriteCond %{REQUEST_URI} !/noway.html$
RewriteCond %{REMOTE_ADDR} !=123.45.67.89
RewriteRule $ /noway.html [R=301,L]

or you could add an iptables firewall rule, again if its a linux box.

Cambell https://github.com/cambell-prince

cambell's Website

3 Reply by apmuthu (edited by apmuthu 10/12/2016 02:29:55 am)

  • From: Singapore, India, Chennai
  • Registered: 05/02/2009
  • Posts: 6,160

Re: Static IP Access

An Apache vhosts conf file would prevent .htaccess files being compromised. Most standard OpenVZ and other templates provide examples of such configs.

Here is one from a Debian FA apache conf where the rewrite conditions above be inserted:

ServerAdmin webmaster@localhost
ServerSignature Off
ServerTokens Prod

<IfModule mpm_prefork_module>
    StartServers 2
    MinSpareServers 1 
    MaxSpareServers 2
    MaxClients          50
    MaxRequestsPerChild 100
</IfModule>

<VirtualHost *:80>

DocumentRoot /var/www/frontac

<Directory />
        Options FollowSymLinks
        AllowOverride None
</Directory>

<Directory /var/www/frontac>
        Options FollowSymLinks MultiViews
        AllowOverride None
        Order allow,deny
        allow from all
        DirectoryIndex index.php index.html
</Directory>

### Will possibly affect any other php script in it 
# <Directory /var/www/frontac/sql/>
#   Order Deny,Allow
#   Deny from All
# </Directory>

<IfModule mod_rewrite.c>
        <Location /modules/api/>
                Options -MultiViews
                RewriteEngine on
                RewriteCond %{REQUEST_FILENAME} !-f
                RewriteRule ^ index.php [QSA,L]
        </Location>
</IfModule>

# Protect sensitive files.
<FilesMatch "\.(inc|po|sh|.*sql|log)$">
    Order allow,deny
    Deny from All
    Satisfy All
</FilesMatch>

# Disable directory listings.
Options -Indexes

# Set the default index.
DirectoryIndex index.php

<IfModule mod_php5.c>
    php_flag magic_quotes_gpc Off
    php_flag register_globals Off
    php_flag session.use_trans_sid Off
</IfModule>

ErrorLog /var/log/apache2/error.log

# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn

CustomLog /var/log/apache2/access.log combined

</VirtualHost>

apmuthu's Website