Welcome, Guest
Username: Password: Remember me

TOPIC: Blocking admin page from outside networks

Blocking admin page from outside networks 2 years 1 week ago #86721

For security matters I need to block the access to admin/ directory from networks outside my company. I know I can block admin/ directory with .htaccess or whatever, but still anyone in the world can have access to the login page with the url "index.php/admin/authentication/login", which is not covered by the .htaccess.

How to REALLY block it and secure the login/admin pages?
The administrator has disabled public write access.

Re: Blocking admin page from outside networks 2 years 1 week ago #86722

I know you could do this with IPtables to make a whitelist of allowed IPs to access your domains. I've used this to control access to an entire server, by modifying it in /etc/apache2/default-config.conf, however I didn't use it control access to an individual directory.

Maybe some more senior Linux gurus can help with this one.
I'm a call centre and market research technology consultant, lead/sample provider, and panel broker.

I'm also the co-founder and former IT Director of Winning Research Ltd. - LimeSurvey helped the company become a multi-million dollar company within just a few years!
The administrator has disabled public write access.

Re: Blocking admin page from outside networks 2 years 1 week ago #86750

  • DenisChenu
  • DenisChenu's Avatar
  • OFFLINE
  • Moderator Lime
  • Posts: 6429
  • Thank you received: 839
  • Karma: 249
order deny,allow
deny from all
allow from 192.168.0.1
There are possibility by referrer (see RewriteCond %{http_referer})

Denis
The administrator has disabled public write access.
Moderators: ITEd
Time to create page: 0.163 seconds
Donation Image