#1
  1. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Sep 2011
    Posts
    195
    Rep Power
    3

    Restrict Admin Access


    Hi, i want to restrict admin access to the admin area of my website.

    I was thinking of whitelisting all the IP addresses that are allowed to access the admin area.

    Is there a service that you can pay for that will allow you to connect through some sort of virtual tunnel, so that you can be guaranteed to have the same IP address regardless of your location, as you will be using the tunnel IP address... not sure if this makes sense... OR maybe you have a better way, thanks in advance...
  2. #2
  3. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,930
    Rep Power
    1045
    Hi,

    simply use (good) passwords like everybody else.

    Using the IP is hardly a good solution, since your "IP provider" would also have access to the website.
    The 6 worst sins of security ē How to (properly) access a MySQL database with PHP

    Why canít I use certain words like "drop" as part of my Security Question answers?
    There are certain words used by hackers to try to gain access to systems and manipulate data; therefore, the following words are restricted: "select," "delete," "update," "insert," "drop" and "null".
  4. #3
  5. No Profile Picture
    Contributing User
    Devshed Loyal (3000 - 3499 posts)

    Join Date
    Jul 2003
    Posts
    3,233
    Rep Power
    593
    Why can you not accomplish this with an admin login?
    There are 10 kinds of people in the world. Those that understand binary and those that don't.
  6. #4
  7. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Sep 2011
    Posts
    195
    Rep Power
    3
    Hi, thanks for the replies... i have a login screen too and a strong password but i am simply looking for ways to tighten security
  8. #5
  9. No Profile Picture
    Contributing User
    Devshed Loyal (3000 - 3499 posts)

    Join Date
    Jul 2003
    Posts
    3,233
    Rep Power
    593
    That is the best you can do unless your admins all have static IPs and don't ever need to access it while on the road or from a wi-fi.
    There are 10 kinds of people in the world. Those that understand binary and those that don't.
  10. #6
  11. No Profile Picture
    Lost in code
    Devshed Supreme Being (6500+ posts)

    Join Date
    Dec 2004
    Posts
    8,301
    Rep Power
    7170
    Is there a service that you can pay for that will allow you to connect through some sort of virtual tunnel, so that you can be guaranteed to have the same IP address regardless of your location, as you will be using the tunnel IP address...
    Yes, you can do this with any dedicated server or VPS. It also has the added benefit of encrypting your connection regardless of whether the site is using SSL or not. The server just needs to be running an SSH daemon (all Linux servers). Then you can set up an SSH tunnel and configure your web browser to proxy connections through that.
    PHP FAQ

    Originally Posted by Spad
    Ah USB, the only rectangular connector where you have to make 3 attempts before you get it the right way around

IMN logo majestic logo threadwatch logo seochat tools logo