Printable View
I was thinking the best way to secure your admin panel. It was really simple in the end.
Ill update this later to include an array of ips and wildcard ips
Add to top of main.php
Code:$ip = $_SERVER['REMOTE_ADDR']; //get ip
$allow_ip = "165.45.54.765"; //your allowed ip - 165.45.54.765 is a fake ip for testing
if ($allow_ip != $ip){
//boot them off to the index page
redirect( $config['baseurl'] );
}
Quote:
Originally Posted by carefree2
You still have to manually put in the IP
Its worth it BIGboy
ill stick with the code i posted way back that uses .htacess
But all in all this will work as well. people will still complain you have to change the IP around
hackers can still read htaccess on a shared host, youll need to hard code it into the page itself for maximum protection.
Last time i checked you have to still manually edit htaccess, wasnt that your point.
Anyway to all the normal ppl here this is the way to do it
i think you are little bit confused oh which method is more secure my friend.Quote:
Originally Posted by carefree2
If you honestly think putting that code into a .php file is more secure than the code used in the htaccess file then your are absolutely wrong my friend.
So normal people ..................
To be honest, neither one is going to be better than the other from a security standpoint. From a server load standpoint, it is actually more work for the server if you do this using php than using htaccess.
Personally, I would do it using htaccess, mainly because I can tie it into my firewall. This way, I can block, ban, and restrict people from the firewall level, which is ultimately the best way to prevent people from doing things.