allow access to private content to visitors from a given IP address?

93 Posts

leapy Reply #1, 15 years, 5 months ago

hello

I have a site with private pages for subscribers only. Subscribers currently access via the usual WebLogin snippet.

I may be asked to allow free access for all users from a certain geographic site and am trying to plan how to do it.

Is it possible to automatically allow access to private pages for all users browsing from certain given IP addresses?

Am I missing something; how else could the equivalent of a ’site license’ be managed?

Many thanks for any ideas

L

956 Posts

ganeshXL Reply #2, 15 years, 5 months ago

That doesn’t really make sense to me. You have protected pages where subscribers pay to get access to that content - but the same content should be freely accessible if you are in a geographical region x?

Generally speaking: yes, it is possible to restrict access by geographical location. There are a few commercial IP databases around you can use. There’s even an open-source variety out there, but I’m not sure how accurate it is and how often it’s updated. How exactly you would implement it in your MODx-site depends on the particular service you’re using. Some companies offer a webservice or API, others just supply you with the raw data. I’m sure you could either write a snippet or plugin to add this functionality.

http://en.wikipedia.org/wiki/Country_IP_database

http://www.fantastique.ch/
http://www.dnik.ch/
http://www.flickr.com/photos/dnik/

93 Posts

leapy Reply #3, 15 years, 5 months ago

Hi Ganesh

Many thanks for your reply which showed up how unclear I had been! By "geographic site" I meant a single building! laugh

Basically, I have been asked to prepare a site license and I think that I need to limit access by the public IP addresses used by the organisation. Unless there is another way....

L

24,544 Posts

BobRay Reply #4, 15 years, 5 months ago

If you know the IP address range, you can just put a snippet in the template for those pages that checks the IP address and forwards those not allowed to an error page.

$user_ip_address = $_SERVER['REMOTE_ADDR'];

if they are using a proxy server, though, you’ll need to use:

if(isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
        $user_ip_address=$_SERVER['HTTP_X_FORWARDED_FOR'];
}   else {
       $user_ip_address=$_SERVER['REMOTE_ADDR'];
}

The first step, I think, would be to just put:

$user_ip_address = $_SERVER['REMOTE_ADDR'];
echo $user_ip_address;

on a page and have a bunch of people at different machines in the building visit that page and report the results.

Once you know the possible range of IPs, just test to make sure it’s ok, and then, if not, do this:

$url = $modx->makeUrl(##, '', '', 'full');
$modx->sendRedirect($url);

Where ## is set to the url of the document ID of the "sorry, you’re not allowed" page.

Of course, this will kick out your registered users from other IPs, so you’ll have to include them somehow in your test.

Hope this helps,

Bob

Did I help you? Buy me a beer
Get my Book: MODX:The Official Guide
MODX info for everyone: http://bobsguides.com/modx.html
My MODX Extras
Bob's Guides is now hosted at A2 MODX Hosting

93 Posts

leapy Reply #5, 15 years, 5 months ago

Wow, Bob.

Many thanks.

L

24,544 Posts

BobRay Reply #6, 15 years, 5 months ago

Quote from: leapy at Nov 28, 2008, 11:33 PM

Wow, Bob.

Many thanks.

L

You’re welcome, but don’t thank me until it works. Not all of my suggestions do. wink

Did I help you? Buy me a beer
Get my Book: MODX:The Official Guide
MODX info for everyone: http://bobsguides.com/modx.html
My MODX Extras
Bob's Guides is now hosted at A2 MODX Hosting