Forums / Install & configuration / Restrict the Access to the Admin Interface
Günther Lackner
Thursday 20 October 2005 6:32:40 am
Hi!
I need to restrict the access to the back end. Is there a possibility to only allow an IP address range? Or is it possible to bind the admin interface to a certain port?
thanks 4 your help!lacky
Björn Dieding@xrow.de
Thursday 20 October 2005 9:48:24 am
Yes you can do that... but it is nothing you can do within ez publish
You will need to use apache for this. Have a look in the apache docs
Looking for a new job? http://www.xrow.com/xrow-GmbH/Jobs Looking for hosting? http://hostingezpublish.com ----------------------------------------------------------------------------- GMT +01:00 Hannover, Germany Web: http://www.xrow.com/
Marko Žmak
Thursday 20 October 2005 10:18:30 am
Just for the info, why do you want to restrict access to some IP adresses? Doesn't the user and roles system in eZ provide enough functionality?
-- Nothing is impossible. Not if you can imagine it! Hubert Farnsworth
Friday 21 October 2005 1:21:30 am
It is a security matter. If I make the admin interface only reachable at an specific PORT, I can restrict the access to this PORT in the firewall. So nobody can even access the admin page. Just computers which I can trust.
lacky
Friday 21 October 2005 11:37:35 am
Well you could do this with "Location" (or "LocationMatch") and "Alow/Deny" directives in Apache. Something like this:
<Location index.php/my_ez_site/admin/*> Order Deny, Allow Deny From All Allow From <your_ip_list></Location>
but check the correct syntax fo these directives, I haven't been using them for quite a while.
And there's no need for binding the admin interface to another port.