restricting access to CMS not working
I wanted to hide my website's CMS login page from public and restrict access to it to the 2 public ips which where assigned to our enterprise's PCs by the hosting . so I added the following lines to .htaccess file:
Deny from all
Allow from 'first public ip'
Allow from 'second public ip'
It worked pretty well as long as we request the website by ip. Once we requested it by domain name it gives a forbidden page even if the connection is made by a pc from within the enterprise. I searched over and over again and haven't got to what went wrong.any help?
*** Moderator note: Please do not use a large font for your posts, it is equivalent to shouting ***
Last edited by jedaisoul; 07-23-2015 at 03:28 PM.
Reason: font size deleted
Ismail makes a good point that you could ip restrict the backend. Another thing that you could do is on the IIS site for mysite.com you could redirect anyone going to the umbraco folder back to the main site and for cms.mysite.com you can set the home as /umbraco/umbraco.aspx.
sorry I have no idea about that
Tell people to request it by IP Address and stop pestering you?
You can add the hostname, being FQDN if the box is not local. If on the LAN you can simply add the host name. Host names should be separate from I.P. address unless mod_authz_host in enabled and configured to do DNS lookups. Then it will resolve host
Allow from firstIP
Allow from secondIP
Allow from pc1.yourdomain.com
Allow from pc2.yourdomain.com
CMS permissions allow you to grant (or not grant) access to entire sections of CiviCRM to user roles, such as CiviMail, CiviEvent, etc. They also allow you to restrict the user's ability to view, edit, add and delete records such as contacts, events and contributions. However, this is an 'all or nothing' approach: you cannot differentiate between contacts who fall into different groups, for instance.
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)