/admin urls’ must only be accessible from internal subnet - not public internet. How can i implement same on Apigee Developer Portal ?
~~Q:S:S~~
Solved! Go to Solution.
Programmatically, you could do this as follows in a custom module, implementing
hook_init()
.
function mymodule_init() { if (arg(0) == 'admin') { $ip = $_SERVER['REMOTE_ADDR']; // Allow access from 192.168.1.0/24 or from localhost, // exclude everything else. if (substr($ip, 0, 10) != '192.168.1.' && substr($ip, 0, 4) != '127.' && $ip != '::1' ) { drupal_access_denied(); } } }
One of the ways is to block admin pages access at your server level configuration
If web server is apache add following to httpd.conf
<Location /admin/> Order Allow,Deny Allow from 192.168.1.0/24 </Location>
location /admin/ { # allow anyone in 192.168.1.0/24 allow 192.168.1.0/24; # drop rest of the world deny all; }
This will allow access to admin pages from ip ranges within subnet of 192.168.1.0/24.
Be aware that /index.php?q=admin
is also a valid path, and is an alias to /admin
. Your Apache or nginx configuration will need to be more complex than the above in order to block this pattern.
Out of curiosity, is there a way to do this directly in Drupal? Provide an ip range and/or specific IP addresses and restrict all admin access to requests from those IPs?
Yes, that's possible we just need to change access callback for admin pages and inside the access callback we will need a way to get all ips for a subnet and depending on it return true or false. In fact this will make sure for access check for non clean URLs
Programmatically, you could do this as follows in a custom module, implementing
hook_init()
.
function mymodule_init() { if (arg(0) == 'admin') { $ip = $_SERVER['REMOTE_ADDR']; // Allow access from 192.168.1.0/24 or from localhost, // exclude everything else. if (substr($ip, 0, 10) != '192.168.1.' && substr($ip, 0, 4) != '127.' && $ip != '::1' ) { drupal_access_denied(); } } }
User | Count |
---|---|
5 | |
2 | |
2 | |
1 | |
1 |