| Re: Restricting access to a website [message #174858 is a reply to message #174856] |
Wed, 13 July 2011 19:53   |
Luuk
Messages: 329
Registered: September 2010
Karma:
|
Senior Member |
|
|
On 13-07-2011 21:43, The Natural Philosopher wrote:
> Luuk wrote:
>> On 12-07-2011 02:38, Jerry Stuckle wrote:
>>> On 7/11/2011 7:24 PM, Chuck Anderson wrote:
>>>> Jerry Stuckle wrote:
>>>> > On 7/11/2011 4:08 PM, Graham Hobbs wrote:
>>>> >> On Sun, 10 Jul 2011 22:21:41 -0400, Jerry Stuckle
>>>> >> <jstucklex(at)attglobal(dot)net> wrote:
>>>> >>
>>>> >>> On 7/10/2011 10:01 PM, Graham Hobbs wrote:
>>>> >>>> Hello,
>>>> >>>>
>>>> >>>> I 'very laboriously' coded my index.php (close to novice level),
>>>> >>>> for
>>>> >>>> my website and it is up and running. It's not public yet and
>>>> >>>> needs to
>>>> >>>> stay that way. I need to give the address to two people who will
>>>> >>>> help
>>>> >>>> with my product's development .. but they could reveal the address
>>>> >>>> anywhere, inadvertently or otherwise.
>>>> >>>>
>>>> >>>> If, for example, my website is www .lahdedah. com, I want to allow
>>>> >>>> full access to these two people (and me:-)) .. others would get a
>>>> >>>> 'Sorry, not yet available' screen. I envision hard coding their
>>>> >>>> home
>>>> >>>> address's into my index.php?? Am not interested in any additional
>>>> >>>> typing by these three.
>>>> >>>>
>>>> >>>> Hope I've been clear. Is this feasible, easy/hard/unusual?
>>>> >>>> Please, thanks
>>>> >>>> Graham
>>>> >>> There are any number of ways to do it, none of which require PHP or
>>>> >>> any
>>>> >>> other server-side language. Try alt.apache.configuration
>>>> >>> (assuming, of
>>>> >>> course, you're using Apache).
>>>> >>>
>>>> >>> Also, unless you are David Small of Small Expressions, you
>>>> >>> shouldn't be
>>>> >>> using his domain name in an example. Use www.example.com, which is
>>>> >>> reserved for just such a purpose.
>>>> >> ---
>>>> >> Jerry, folks, thanks,
>>>> >>
>>>> >> Will check into alt.apache.configuration and apologies about
>>>> >> lahdedah,
>>>> >> didn't know about example.com.
>>>> >>
>>>> >> But I wasn't emphatic enough .. yes I would know their IP
>>>> >> addresses so
>>>> >> CAN I hard code them in my index.php? Yes or no would do and a PHP
>>>> >> buzzword I might search on to get started .. I just prefer all my
>>>> >> code
>>>> >> in one place.
>>>> >>
>>>> >> .. am definitely not interested in extra keying of passwords by my
>>>> >> two
>>>> >> associates.
>>>> >>
>>>> >> Thanks,
>>>> >> Graham
>>>> > You definitely need alt.apache.configuration. No need to do anything
>>>> > to your php code.
>>>> >
>>>> If you know the IP addrs - simply compare them to the Php global
>>>> $SERVER['REMOTE_ADDR'].
>>>>
>>>>
>>> No need to even go to that trouble. It can all be done in the Apache
>>> configuration with no changes to the web pages at all.
>>>
>>
>> Jerry,
>> Can you explain the REAL benefits of doing this in apache,
>> despite the fact that this is a PHP-newsgroup?,
>>
>
> Never heard of jerry explaining anything.
>
>> And the real drawbacks from changing a bit to his own php-code just for
>> this case?
>>
>> I simply dont understand why sending him away to
>> alt.apache.configuration is better ....
>>
>
> No, its just Jerry being dumb and stubborn as usual.
>
> On the basis that te OP wants to play in the PHP sandpit and not the
> Apache sandpit the optimal and more than adequate solution is to use the
> pre-loaded variables to examine the browser remote IP address and
> display page material contingent on that.
>
> Its a far more powerful and flexible way, and is the sort of thing you
> might use to say 'Vous etes en France, Pour la version en Anglais, ici->'
>
> (You could aslo reconfigure your firewall to only allow physical IP
> access from them:Sledgehammers and nuts)
>
>
> As opposed to 'enter name and password to see my crap test website'
>
> You have to do the latter of your victims are on dynamic addresses though.
>
>>
>>
I understand that,
and indeed, in this case PHP should do well,
When i was a employee of a firewall-selling-company, i would probably
reconfigure my (hardware-)firewall ;)
And, last (but not least), when i did not know enough about PHP, i would
add some rules to my apache-config.....
--
Luuk
|
|
|
|
Calendar
Search
Help
Members
Register
Login
Home
]