#1
  1. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2003
    Posts
    64
    Rep Power
    11

    Limit Access Except from Specific Computers


    I am developing a very simple web application for a family member. She has employees that work from several different locations. She wants a web application that will allow her employees to clock in and out via a web interface. The problem is that she doesn't want them to be able to do this from home or any other location except from her offices. The application is simple enough, but how can I restrict access from the web and only allow her office computers to use it. I thought about some firewall rules, but some sites might have dynamic ip's. Really what I would like to happen is when you connect from an unautherized computer a page would come up saying that you cannot connection outside the office. Any thoughts?
  2. #2
  3. Contributing User
    Devshed Frequenter (2500 - 2999 posts)

    Join Date
    Sep 2007
    Location
    outside Washington DC
    Posts
    2,642
    Rep Power
    3699
    In short, there is no way to do it with software.

    You can have her install client certs on all the computers, and check for them. But there is nothing to prevent someone from copying the file.

    You can filter or redirect on IP addresses, but that is only a first level filter, a good hacker can get past that in seconds.

    You could write an application and install it on each machine that reports the NIC's mac address, but that can be spoofed.....
  4. #3
  5. No Profile Picture
    Grumpier old Moderator
    Devshed Supreme Being (6500+ posts)

    Join Date
    Jun 2003
    Posts
    14,429
    Rep Power
    4539
    Another alternative could be to put a hardware vpn in at the offices and only have the application available via the vpn.
    ======
    Doug G
    ======
    Bartender to Rene Descartes "have another beer?" Descartes: "I think not" and he vanished.
    --Alfred Bester

IMN logo majestic logo threadwatch logo seochat tools logo