L3Y Posted September 16, 2015 Report Posted September 16, 2015 Hi, I would like our customers to be able to restrict access to their account on a per ip basis. I know some customers who would really enjoy such feature. For admin, restrictions at the server level are more than fine, but having the option to restrict their account would just be a very good value added to Blesta. So then peoples will prob. stop being affraid about possibe mitm (or maybe much less worried) - ..it's already a hard thing to MITM, it would be just more difficult with such feature. I see Blesta did great things on XSS and injection prevention. I think such improvement will be an additional reason for going to Blesta, rather than any other billing solution. Cheers Quote
serge Posted September 17, 2015 Report Posted September 17, 2015 While at first look, it could be a good idea, I think IP is poor solution, example I use a firewall/proxy in a server being on front of the one that have Blesta and all customer IP reported in Blesta are just my firewall IP/proxy. Maybe second factor authentication is best and the option is ever there in Blesta Quote
Fantasma Posted September 19, 2015 Report Posted September 19, 2015 Many business users would want to restrict access to their client account or sub-accounts by IP address of their VPN or office IP. Quote
Cody Posted September 21, 2015 Report Posted September 21, 2015 This could be accomplished with a plugin. For users being a proxy, it would require reliance on the X-Forwarderd-For header (which we are looking to support in a future version). But I think two-factor authentication is a much better solution that IP restriction. Michael 1 Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.