Reputation: 55
No static IP but need to restrict access to a specific location
I have a small web function that should run only when the user is in the office . But the problem is that our internet provider changes its IP regularly and i cant keep track of it. We have windows 7 systems in our office and they dont have any static IP. I cant even set a static IP as it will hamper the internet provider settings and will stop connecting to internet. Im stuck now. Is there a way with which i can make sure that a person is in office only when he is using that function?
Upvotes: 2
Views: 1104
Answers (6)
Reputation: 9954
One way to do it would be to set up the server so it exposes 2 services - 'A' with the "special office-only function" available, and 'B' without.
Then, set up the network security so that Service A is only accessible over a VPN tunnel from your office.
--
An alternative approach might be to use PKI - get the office computers installed with certificates that are required to access the Service A functionality. However, while complicated, it is still possible for users with sufficient authority and knowledge to copy the certificate and install it at home.
Upvotes: 1
Reputation: 2900
You could use dyndns to get the current ip. Dynamic dns allows ypou to redirrect a host name to a dynamic ip.
So if you get a request from a unkown ip or more then x seconds have passed since the last request you can use gethostbyname to retrive the offic ip.
Free Dynamic DNS:
Getting the IP:
$ip = gethostbyname('http://sample.dnsdynamic.org/');
Upvotes: 1
Reputation: 12815
If you have an access to office network - you may try to config your server, which gives an access to the internet, so it will add some token (cookie?) to all requests (sent to your server). And you will check it in your code.
Upvotes: 0
Reputation: 15711
The surest way is to ID using MAC adresse since IP can be changed, MAC address is harder to spoof and does not change. It is the "serial number" of the network card. So unless they take the card home, they won't be able to access it. Have a read at this post
Upvotes: 1
Reputation: 21866
Provide your office user with some kind of token, after they authorize. Then use the token to determine if access is granted or not.
The token can be stored in a cookie on the the office users computer, so authorization is done only once.
Upvotes: 0
Reputation: 175048
If your users aren't nerds, you can set a special cookie in the office computers, and check against that every time the user accesses the application.
(If your users know to to set and unset cookies, that would fail, as they would simply copy this behavior to their home).
Also, there should still be a specific range of IPs when connecting from the office (even if the IP changes), sample a few IPs and check for a recurring pattern.
Upvotes: 1
Related Questions
- Block specific IP block from my website in PHP
- Accessing a webpage only in the specified IP address
- Restricting access to a site using IP address
- Restrict a website by IP
- Block site access other than selected people
- Limit execution of a php-page to requests made from a certain ip-range
- How to access a website only from a specified IP using PHP
- Restrict access to functionality for user by IP address
- How to prevent access to script except for one IP in PHP?
- how to restrict a page to only a specified ip range in php