Loading...
 
Features / Usability

Features / Usability

Forum List Topic List

Forums » Features / Usability » How to block external acess?
 
Thread actions
PDF Print this page
  • Print all pages

    • How to block external acess?

    Posted by Tailor posts: 2 Brazil

    So we're creating topics on tiki as doc for our software - it will have buttons on some forms to open specific help and documentation to our users (read only).

    We have redirected a port on firewall do acess the tiki VM, but I'll like to block acess to login if this request comes from IP x.x.x.1 (the firewall), 'cause it will be an external acess. Only people on the local network will have the chance to try login to edit the pages...

    How could I do that ?

    TIA

    Reads: 4941
    Link
    Posted by Tom Jarvis posts: 214

    To block all Tiki log in attempts from IP addresses ending in .1, you can add the code below after the "RewriteEngine On" statement in the .htaccess file (or _htaccess file, if .htaccess is a symbolic link).

    Copy to clipboard
    RewriteCond %{REMOTE_HOST} ^.*\..*\..*\.1$
RewriteCond %{REQUEST_URI}  "tiki-login_scr.php.*"
RewriteRule ^.*$ tiki-information.php?msg=Log-in-is-resticted [NS,L]


    That says if the IP address of the remote host ends in .1, and they are trying to access tiki-login_scr.php, then redirect them to the error message.
    It checks for things after the tiki-login_scr.php because tiki-login_scr.php?user=admin can be used to prefill in the user name.

    If you have any local network IP addresses ending in .1, this will block them too.

    Tom

    Link