Tags:
create new tag
view all tags

Question

I would like to restrict acces to a web or a topic to a list of IP address, while preserving full Internet access to Twiki ,Main and all other Webs.

I did see AccessRestrictionByIPAddress which hasn't a positive response frown

or BlackListPlugin which seems to be whole twiki site solution, not only one Web or a specific topic.

please let me know how . Thanks.

Environment

TWiki version: TWikiRelease04x02x03
TWiki plugins: DefaultPlugin, EmptyPlugin, InterwikiPlugin
Server OS: Centos 5.2 kernel 2.6.22
Web server: apache httpd-2.2.3
Perl version: perl-5.8.8-15.el5_2.1
Client OS: Windows / linux
Web Browser: Firefox & IE
Categories: Htaccess

-- JehanProcaccia - 29 Nov 2008

Answer

ALERT! If you answer a question - or someone answered one of your questions - please remember to edit the page and set the status to answered. The status selector is below the edit box.

I added some details to AccessRestrictionByIPAddress that allows you to restrict access by IP address. Not sure if Apache supports an Allow from directive for a URL with PATHINFO (the Web/Topic info that follows the view script). But even if it does, it does not prevent someone from using a URL path such as /cgi-bin/view/Main/WebHome?topic=Secretweb/WebHome.

A safer solution and portable is to write a simple plugin that checks for proper IP address in the initialize function. TWikiPlugins as the details on how to write a plugin, BlackListPlugin might come handy to borrow some code.

-- PeterThoeny - 29 Nov 2008

I installed and tested BlackListPlugin but as I presumed, It works on the whole twiki site, It's not configurable by Webs or Topics frown .

I Also looked at apache directive like LocationMatch (http://httpd.apache.org/docs/2.2/sections.html) 

<LocationMatch "/~procacci/wiki/bin/view/Community/"> 
    Order Deny,Allow
     Deny from all
      Allow from 157.159.
</LocationMatch>

unfortunalty it doesn't work in .htaccess file, only in httpd.conf frown I'am lost, I don't feel capable of writing a dedicated module ... What would be fine is that in WebPreference, in addition to TWIKIGroups or TwikiUsers we could use IP address to the Allow/DenyWebWiew or Allow/DenyTopcView, would it be a long developpement to add this ?

-- JehanProcaccia - 30 Nov 2008

Restricting access by IP address is a special case, I do not think this feature should go into the core TWiki. Ask around if you find a Perl programmer to create a simple BlockByIPPlugin to your spec.

-- PeterThoeny - 01 Dec 2008

Change status to:
WebForm
SupportStatus AnsweredQuestions
Edit | Attach | Watch | Print version | History: r5 < r4 < r3 < r2 < r1 | Backlinks | Raw View | Raw edit | More topic actions
Topic revision: r5 - 2008-12-01 - PeterThoeny
 
  • Learn about TWiki  
  • Download TWiki
This site is powered by the TWiki collaboration platform Powered by Perl Hosted by OICcam.com Ideas, requests, problems regarding TWiki? Send feedback. Ask community in the support forum.
Copyright © 1999-2026 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.