How can I show a View for certain visitors from a specific IP address or specific logged in user? The view should only display for a visitor from a specific IP address,and other visitors see an empty View.
One way would be to use the Restrict Login or Role Access by IP Address module to assign the specific IP address(es) a role. Then in the view, configure Basic settings > Access to limit access to the view to only users with that particular role.
Related
I'm new to user authentication and related digital security issues, so I would like to know if the way I'm doing things is ok. Currently the way my server "remembers" users is based solely on the IP address they have logged in from. If they check the remember me option, I store that IP in the database and from then on, every time that machine enters the website, I check if that IP is associated with one of my users. If so, I log them in.
What is good or bad on that approach?
I write a chat application in nodejs with a socket.io library, the problem is in the administration of users, is it better to write an administrative logic based on clients ip adress or based on an id-s from the database?
I would appreciate any help.
is it better to write an administrative logic based on clients ip
Most users will connect from a dynamic IP addresses so the IP address they use will most likely change.
You would need some method to authenticate users and identify administrators, normally using some user database.
We develop a web application.
There is a user login and a user area for the customers of a certain company.
And there is an agent/office login and area for some employees of the company who manage user account handling and so on.
The office agent has to login with his username and password.
But additionally, for security reasons, we will limit the agent/office login and area for specific IP addresses (as seen in other applications).
But we would like to have a "fallback" for certain situations where, for example, a web developer of the application needs access to the office area and has not one of the special IP addresses.
Until now we had not many ideas.
We thought of providing access when there is a very special user-agent string with a hash value.
Has anybody implemented such security mechanisms and can inform me about it?
Thanks alot in advance
I've just started using MVC5 and I want to make my website available just for a specific IP address, so I check the client IP address using the following:
Request.UserHostAddress;
I have two users to access to my website and every one have to access from specific IP address, so I need your help to know how to do this note that I use the default user authentication from MVC.
Every single support word is appreciated.
I want to block a specific user to access my website. I know it is not possible with Dynamic IP. Is there any other alternate to block the specific user to access website? I'm currently at APACHE LINUX based server.
The user manages web account at my website.
I'm managing a user account on PHP with $_SESSION variables. The user are authenticated using login and password just like any shopping cart website.
Unless the user has to log in, you have no way of knowing who is accessing your site if he's on a dynamic ip address. The only mechanism I can think of is to check any cookie that identifies the user that you've already placed on his system. This wouldn't of course stop them from accessing your site from a different machine.
Long story short - unless the user has to log in first of all, or you have some other means (cookie?) of identifying the user, then not that I know of.
can be achieved by .htaccess
to block a specific ip,
order allow,deny
deny from 127.0.0.1
allow from all
or use this to block a complete range of ip,
deny from 127.0.0