Welcome to the LimeSurvey Community Forum

Ask the community, share ideas, and connect with other LimeSurvey users!

How can I block admin login access to a set of CIDR IP ranges?

  • blocka
  • blocka's Avatar Topic Author
  • Offline
  • Platinum Member
  • Platinum Member
More
7 years 1 month ago - 7 years 1 month ago #148246 by blocka
For security requirements, we need to block access to the admin login area of LS by a set of IP ranges.

Can any suggestion a solution, even if just quick and dirty to block access to the admin login page?

I'd have guessed that .htaccess would have worked in the admin folder, but of course, that doesn't because I can just browse to : /index.php/admin/authentication/sa/login and bypass that...


Running version 2.59.1+170116 on LAMP.
Last edit: 7 years 1 month ago by blocka.
The topic has been locked.
  • DenisChenu
  • DenisChenu's Avatar
  • Offline
  • LimeSurvey Community Team
  • LimeSurvey Community Team
More
7 years 1 month ago #148256 by DenisChenu
Hi,

Because i already done restrictions in some controllers, seems the best is "Do a plugin"

see framagit.org/SondagePro-LimeSurvey-plugi...nceMode/snippets/387 for a quick example (you need to do your test).
And manual.limesurvey.org/BeforeControllerAction for the plugin event

Denis

Assistance on LimeSurvey forum and LimeSurvey core development are on my free time.
I'm not a LimeSurvey GmbH member, professional service on demand , plugin development .
I don't answer to private message.
The topic has been locked.
  • blocka
  • blocka's Avatar Topic Author
  • Offline
  • Platinum Member
  • Platinum Member
More
7 years 1 month ago #148318 by blocka
Hi Denis, I'd be interested in funding the creation of this plugin.
The topic has been locked.
  • DenisChenu
  • DenisChenu's Avatar
  • Offline
  • LimeSurvey Community Team
  • LimeSurvey Community Team
More
7 years 1 month ago #148322 by DenisChenu
I see your email, and send you an answer : did you receive it ?
AT a***k AT m****s.c*

Assistance on LimeSurvey forum and LimeSurvey core development are on my free time.
I'm not a LimeSurvey GmbH member, professional service on demand , plugin development .
I don't answer to private message.
The topic has been locked.
  • blocka
  • blocka's Avatar Topic Author
  • Offline
  • Platinum Member
  • Platinum Member
More
7 years 1 month ago #148330 by blocka
Hi, very odd. I didn't get it -- not even in spam. You can email me at alex.marketaccess@gmail.com -- post here when you've done so, and I'll remove my email from this post.
The topic has been locked.

Lime-years ahead

Online-surveys for every purse and purpose