Gareth-Host Red Dragon Posted November 3, 2013 Report Posted November 3, 2013 Is it possible to restrict access to blestas admin area to certain IP addresses via .htaccess? Quote
0 Daniel B Posted November 4, 2013 Report Posted November 4, 2013 add a .htaccess into the admin directory with the following code: Order Deny,Allow Deny from all Allow from 1.1.1.1 of course put the IPs you want in it, multiple IPs can be separated by a single space on the same line (no commas) Quote
0 Gareth-Host Red Dragon Posted November 4, 2013 Author Report Posted November 4, 2013 add a .htaccess into the admin directory with the following code: Order Deny,Allow Deny from all Allow from 1.1.1.1of course put the IPs you want in it, multiple IPs can be separated by a single space on the same line (no commas) Thanks. Does Blesta have an actual admin directory though? Will have to check when I get home. Quote
0 Daniel B Posted November 4, 2013 Report Posted November 4, 2013 I didn't even think about that, lol....sorry...just posted a generic fix for htaccess IP blocking I'll let someone else come along and chime in on this one, as I've never really messed with this on a rewrite level and wouldn't want to help you screw it up Quote
0 Gareth-Host Red Dragon Posted November 4, 2013 Author Report Posted November 4, 2013 I didn't even think about that, lol....sorry...just posted a generic fix for htaccess IP blocking I'll let someone else come along and chime in on this one, as I've never really messed with this on a rewrite level and wouldn't want to help you screw it up No problem, thanks for your help anyway. Quote
0 Timothy Posted November 4, 2013 Report Posted November 4, 2013 You could try using a location match. Apache 2 or 2.2.<Location /admin>Order Deny,Allow Deny from all Allow from 1.1.1.1</Location> Apache 2.4 <Location /admin> Require ip 1.1.1.1 </Location> Quote
0 Gareth-Host Red Dragon Posted November 5, 2013 Author Report Posted November 5, 2013 You could try using a location match. Apache 2 or 2.2. <Location /admin> Order Deny,Allow Deny from all Allow from 1.1.1.1 </Location> Apache 2.4 <Location /admin> Require ip 1.1.1.1 </Location> Thanks will give that a go later today. Quote
0 AllToolKits.com Posted November 6, 2013 Report Posted November 6, 2013 oh! i just realized that blesta don't have admin folder, so restriction to admin via ip is impossible? Isn't it a security issue? How blesta render features to admin and users, by just checking user type? Quote
0 Timothy Posted November 6, 2013 Report Posted November 6, 2013 You don't need a admin folder to restrict by path. For Apache servers you can use the location example as stated above to do it. More information can be found at https://httpd.apache.org/docs/current/mod/core.html#location For security you should probably rename your /admin area to something else. Change the following line in the route.php file. Configure::set("Route.admin", "admin"); to something like Configure::set("Route.admin", "ziggyzoo"); to change the path to /ziggyzoo.Hope that helps. Michael and Daniel B 2 Quote
Question
Gareth-Host Red Dragon
Is it possible to restrict access to blestas admin area to certain IP addresses via .htaccess?
8 answers to this question
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.