1. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2003
    Rep Power

    Limit Access Except from Specific Computers

    I am developing a very simple web application for a family member. She has employees that work from several different locations. She wants a web application that will allow her employees to clock in and out via a web interface. The problem is that she doesn't want them to be able to do this from home or any other location except from her offices. The application is simple enough, but how can I restrict access from the web and only allow her office computers to use it. I thought about some firewall rules, but some sites might have dynamic ip's. Really what I would like to happen is when you connect from an unautherized computer a page would come up saying that you cannot connection outside the office. Any thoughts?
  2. #2
  3. Contributing User
    Devshed Frequenter (2500 - 2999 posts)

    Join Date
    Sep 2007
    outside Washington DC
    Rep Power
    In short, there is no way to do it with software.

    You can have her install client certs on all the computers, and check for them. But there is nothing to prevent someone from copying the file.

    You can filter or redirect on IP addresses, but that is only a first level filter, a good hacker can get past that in seconds.

    You could write an application and install it on each machine that reports the NIC's mac address, but that can be spoofed.....
  4. #3
  5. No Profile Picture
    Grumpier old Moderator
    Devshed Supreme Being (6500+ posts)

    Join Date
    Jun 2003
    Rep Power
    Another alternative could be to put a hardware vpn in at the offices and only have the application available via the vpn.
    Doug G
    I've never been able to appreciate the sublime arrogance of folks who feel they were put on earth just to save other folks from themselves .." - Donald Hamilton

IMN logo majestic logo threadwatch logo seochat tools logo