Whan I attempt to use Developer Client Restrictions, should I use my LAN IP address or my public IP address? I am accessing the site remotely. I assume it\’s the public IP, but I just want to be sure.
The Developer Client Restrictions setting does not restrict access to the site. Rather, that setting is evaluated in several different contexts to determine whether certain developer-related behaviors such as logging and template path hints should display. (It's sometimes buggy, e.g. breadcrumb block behavior with FPC & that setting turned on).
You will need to use the address which will be provided to the application via $_SERVER['REMOTE_ADDR'] (your public IP in this case).
Related
I have a CodeIgniter 3 application with MySQL as the database. I had set the sess_match_ip to TRUE to check for the IP address of the users. Some of my clients has dynamic IPs which changes automatically. At the time of changing the IP address the application logged out them automatically. Please suggest me a alternate solution to prevent the users forms log out with changing the sess_match_ip to false.
$config['sess_match_ip'] = TRUE;
Just disable sess_match_ip. I know it looks like an attractive option, but it is simply not suitable for a typical public webapp on the internet.
It can be used as an extra security layer for restricted admin areas where only a handful of users are permitted anyway, but that's quite rare. Its primary use is for intranet systems where you control the whole network and there are no regularly changing IP addresses.
I'm developing a web application using Laravel hosting on a public cloud. Now, the application can be accessed publicly on the internet via domain address. However, I want to restrict to only users who are connecting to the organization networks to be able to use the application since we do not want the application to be used at home or elsewhere.
At the moment, the organization has 2 places (2 public internet networks) where they must be able to access to the application. Both of them are using home-standard internet where IP address changes every time the internet reconnects. As we do not have static IP addresses, I cannot filter user by using IP address filter. The IP filter rule must be changed every time when the organization network reconnected.
My application already have solid authentication and authorization mechanism and, of course, the users must know this information since they must access the app for work. However, this doesn't meet the requirement.
I have thought about the VPN but it (probably) doesn't not work because if we allow user the access to the VPN, they still be able to access the VPN anywhere and use the application outside the work places. If we restrict the VPN client to access from specific IP address, then when the IP changes, the same problem occurs.
To sum up, I would like to ask for the advice on how to restrict the access of web application, hosted on public internet, to the users that are connecting from the public IP address that can change every time when the internet reconnected. The requirement may sound strange but it is as it is. Please feel free to ask for more details if you want to and have a discussions on the suggestions.
Thank you in advance.
You could setup a client for a dynamic dns service (e.g. dyndns) on the client-side.
Then you could use that on the server-side to always check against current IP using that dns.
As alternative you could bind the website to localhost only and only let it be accessed via an pubkey-enforced SSH tunnel (and make that get auto-established by a script/scheduler on the client side, on a permission level outside of the users' reach, so that they can't take the private key needed for the connection anywhere)
You can use different PHP methods and variables to detect from where the request has been originated. Just whitelist your domains and organizations, and allow only them by adding a middleware.
Additionally, you can generate a token using Laravel Passport or you can create your own mechanism, and then use that token to authenticate if the request is valid or not.
Since the IP changes, you can setup a dynamic dns or as suggested on the comment above.
how can I change my ip address on a mac, but without proxies? I've used vpns and have gone to the advanced setting proxy list (using hidemyass etc), but I want a legitimately changed IP address. I've heard terminal can be used, but I don't know how to use that.
An IP address is something your ISP provides your router with. It is not something you can choose.
What you can do is use a VPN to send all your traffic to some server, which then works as a relay.
(And if you're just looking to browse the web anonymously, theres always Tor)
Hi I am having my own domain mydomain.ac.in and i am having my own server (windows 2008) and a Public static IP.
Now i want to host my site in my own server.
Please give me the step by step information to get it done.
Thanks.
You need to register your domain with some DNS hosting service (DNS provider), there is such an astronomic number of these on the web that I do not want to spam the site. Google.
Also, collocation center where you keep this server (and from where you have probably obtained that public IP) may also provide DNS services.
From the other side, any computer can be configured as the name server but this will probably not work Internet wide and can be used inside the local network only (combined with DHCP service). If there is an easy way to make this Internet wide, I would also be very interested in, but I doubt.
Your operating system is not much relevant to this question.
I registered my domain already in ernet by indian Government and I got my Public Static IP from BSNL India. I hosted my site already and i am able to access my site already using the ip. Now i want to map my domain with the server that i have so that i can access my domain using a domain name.
I tried the steps in http://www.hosting.com/support/dedicated/dns/setdns#additional.. But when i add the name server information it says cannot resolve hostname??? that s why i want to know where i am making mistake..
I once again tried the steps at http://www.hosting.com/support/dedicated/dns/setdns and got it right..Now i have updated the name server info at my domain registrar ernet and waiting for it to be updated. Thanks fo the people helped me
our hosting account is set up with the domain www.nashman.ca, and our application is at www.nashman.ca/hub. We have another domain that forwards to www.nashman.ca/hub and that's hub.mhn.co. The problem i'm having with this is that the forwarded domain adds on the /hub whenever you navigate to another page from hub.mhn.co, so the domain shows as hub.mhn.co/hub/admin when you're in the admin area, for example. I need the domain to stay consistent, and never show that folder name, because its breaking some of the javascript I use. What is the best way to set this up?
edit
I've been doing some reading about URL Rewriting, and looking into it - my hosting provider supports the IIS7 URL Rewrite module. All the tutorials I've found so far detail how to set up rules using the IIS config tools, but I don't have access to them. Is there a way to do it by editing my web.config in my apps root directory? And will this solve my issue?
Is the default page for hub.mhn.co using a redirect to www.nashman.ca? If so, what is happening is that the forwarding software basically returns a new URI that the browser requests, and the new URI will replace the old one in the browser window and thus in all future requests. You're probably redirecting to ~/hub/ (the hub subdirectory of the site root) which will result in the browser requesting a new URI that keeps the domain name but tacks on the subdirectory.
If you have direct control over the DNS and your webservers, you can use the DNS configuration to direct a request for the hub.mhn.co domain directly to the /hub subdirectory of your webserver. That way, the browser never knows that hub.mhn.co is actually www.nashman.ca/hub/. You might have to direct to an alternate port on the webserver and map that port to the subdirectory, depending on your DNS software (IIRC, most can deal with ipaddress/subdir routes, but some can only handle routing to ipaddress:port).
If your IT department does not have direct control/ownership over your DNS routing, or your exact hosting environment, you are more or less at the mercy of your hosting provider. They may be able to set up their environment to do the same thing, or not; all you can do is ask.
EDIT: Basically you have two options left if you're hosting remotely and can't use their DNS to reroute silently.
First option: clone (copy all files from) the web layer of nashman.ca/hub as hub.mhn.co under a different root space in your hosting environment (try to keep any hooks to service-layer code over at nashman so you don't have to copy the whole vertical slice). If you must also keep the UI under the /hub/ subdirectory, you're repeating code, but you may be able to mitigate this with deploy scripts that will allow you to deploy one local copy of your codebase to various locations. This may also cost more as your hosting environment is now hosting two non-trivial sites.
Second option: host the site and/or resolve the calls on your own hardware. As long as you have a public, static IP address through your ISP, you can provide a DNS server that will be the "authoritative" server for nashman.ca and hub.mhn.co domains. Your ISP or a third party domain name registry can provide a "pass-down" route to get requests from the TLD servers down to you. Then, you can route requests to whatever IP address, port and/or subfolder you like; that can be a remote webhosting provider (as long as they don't mind JUST hosting your site) or your own webservers. This will require the hardware, and a static IP from your ISP. If you lose power to this server, your site will be unreachable until power's restored. If the IP address of your DNS server changes, your site will be unaccessible by DNS until the server that routes requests to you updates its routing table with the new IP (which can be up to 24 hours).