bench-o

Reputation: 2339

Symfony2: app_dev.php allow access only to IP?

In my Symfony2 project I want app_dev.php to be accessible only from my IP address. Like in config.php, where I can set an array of IPs so this file is not accessible by everyone. Is this also possible for app_dev.php?

Upvotes: 10

Views: 17385

Answers (3)

chanchal118

Reputation: 3647

In app_dev.php you will find the code below:

if (isset($_SERVER['HTTP_CLIENT_IP'])
    || isset($_SERVER['HTTP_X_FORWARDED_FOR'])
    || !in_array(@$_SERVER['REMOTE_ADDR'], array('127.0.0.1', 'fe80::1', '::1'))
) {
    header('HTTP/1.0 403 Forbidden');
    exit('You are not allowed to access this file. Check '.basename(__FILE__).' for more information.');
}

You can set IP addresses from which you want to access here.

if (!in_array(@$_SERVER['REMOTE_ADDR'], array('Your IP address', '127.0.0.1', 'fe80::1', '::1'))
) {
    header('HTTP/1.0 403 Forbidden');
    exit('You are not allowed to access this file. Check '.basename(__FILE__).' for more information.');
}

Upvotes: 18

timhc22

Reputation: 7451

This is a slight variation on @chanchal118's answer. Our sites are behind a load balancer, so IPs work slightly differently. Hopefully this will be helpful for people with similar setups.

I'd also be interested in hearing any thoughts on security concerns if IPs were spoofed.

//todo this may be a security concern if someone managed to spoof their IP as one of these
$allowedIPs = array('127.0.0.1', 'fe80::1', '::1', 'my.organisation.ip.address');

//allow app_dev.php only under these conditions (prevent for production environment) uses HTTP_X_FORWARDED_FOR because behind load balancer
if (
    isset($_SERVER['HTTP_X_FORWARDED_FOR']) &&
    ( ! in_array(@$_SERVER['HTTP_X_FORWARDED_FOR'], $allowedIPs) )
){
    header('HTTP/1.0 403 Forbidden');
    exit('You are not allowed to access the development environment.');
}

Upvotes: 3
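
The load-balancer case and the spoofing question raised in the answer above, as an added example that is not part of either answer: X-Forwarded-For is read only when REMOTE_ADDR is the load balancer itself, and the client is taken as the rightmost entry that is not a trusted proxy. It assumes PHP 7.1 or later and a load balancer that appends to the header; the function names and all addresses are hypothetical.

```php
<?php
// Added example. Addresses are constructed (RFC 1918 / RFC 5737 ranges).

// Returns the client address, reading X-Forwarded-For only when the TCP peer
// (REMOTE_ADDR) is a trusted proxy. Returns null when it cannot be determined.
function resolveClientIp(array $server, array $trustedProxies): ?string
{
    $peer = $server['REMOTE_ADDR'] ?? '';
    if (filter_var($peer, FILTER_VALIDATE_IP) === false) {
        return null;
    }
    $header = $server['HTTP_X_FORWARDED_FOR'] ?? '';
    if (!in_array($peer, $trustedProxies, true) || $header === '') {
        return $peer; // direct connection: the header is client data, ignore it
    }
    // Each proxy appends the address it received the request from, so walk
    // right to left and stop at the first hop that is not a trusted proxy.
    foreach (array_reverse(array_map('trim', explode(',', $header))) as $hop) {
        if (filter_var($hop, FILTER_VALIDATE_IP) === false) {
            return null; // malformed entry: fail closed
        }
        if (!in_array($hop, $trustedProxies, true)) {
            return $hop;
        }
    }
    return null; // header listed only proxies: fail closed
}

function isDevAccessAllowed(array $server, array $trustedProxies, array $allowedIPs): bool
{
    $client = resolveClientIp($server, $trustedProxies);
    return $client !== null && in_array($client, $allowedIPs, true);
}

$trustedProxies = ['10.0.0.5'];                      // the load balancer
$allowedIPs = ['127.0.0.1', '::1', '203.0.113.10'];  // local + office address
$samples = [
    'via LB, office address'         => ['REMOTE_ADDR' => '10.0.0.5', 'HTTP_X_FORWARDED_FOR' => '203.0.113.10'],
    'via LB, client-supplied prefix' => ['REMOTE_ADDR' => '10.0.0.5', 'HTTP_X_FORWARDED_FOR' => '203.0.113.10, 198.51.100.7'],
    'direct, header sent by client'  => ['REMOTE_ADDR' => '198.51.100.7', 'HTTP_X_FORWARDED_FOR' => '203.0.113.10'],
    'via LB, header missing'         => ['REMOTE_ADDR' => '10.0.0.5'],
    'direct from localhost'          => ['REMOTE_ADDR' => '127.0.0.1'],
];
foreach ($samples as $label => $server) {
    $ok = isDevAccessAllowed($server, $trustedProxies, $allowedIPs);
    printf("%-32s %s\n", $label, $ok ? 'allowed' : '403 Forbidden');
}
```

The comparison is an exact string match, so IPv6 entries in the allow list must be written in the same form the server reports. Symfony's own `Request::setTrustedProxies()` applies the same trusted-peer rule to `Request::getClientIp()`.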

Jose Edinaldo

Reputation: 1

Set in virtual host

/var/apache2/sites-avable

<VirtualHost *:80>
    ServerName domain.com/main
    ServerAlias www.domain.com/main
    DocumentRoot /var/www/domain/main/web
    DirectoryIndex app_dev.php
</VirtualHost>

switch

<VirtualHost 127.0.0.1:80>
    ServerName domain.com/main
    ServerAlias www.domain.com/main
    DocumentRoot /var/www/domain/main/web
    DirectoryIndex app_dev.php
</VirtualHost>

Upvotes: -8
