Reputation: 57
Client user authentication or MAC address restriction possibilities for my web application
I have a php based web application involving some database. It has a username and password but the it can be shared with others. I have minimized the risk of it by blocking the ipsusing .htaccess (As below) except my office ip but inside the office still people can access it since its a shared ip.
# ALLOW USER BY IP
<Limit GET POST>
order deny,allow
deny from all
allow from 2.59.42.32
</Limit>
# PREVENT VIEWING OF .HTACCESS
<Files .htaccess>
order allow,deny
deny from all
</Files>
besides this, when the ip changes, i have to modify .htaccess which is a headache always.
Possible solutions in my mind: 1. I have heard about client certification in this link but not sure how can i use it 2. Thinking about some way to restrict the web to only one MAC address which is my employees computer
What do you guys suggest?
Upvotes: 0
Views: 1464
Answers (1)
Reputation: 2734
You wont be able to do a MAC authentification serverside, sadly.
How about a simple Username/password authentication from the htaccess through .htpasswd ? No need to make it anymore complex than neccesary. Just remember a strong password.
Upvotes: 1
Related Questions
- How to secure a web-app with the mac address
- How to get client MAC address when visit to my website?
- PHP: get client IP or MAC address to 'prove' client is from own Intranet?
- Restricting site features by computer
- php SSL client certificate authentication
- Limit website access to one computer
- Ensure web app access from a single computer per user
- IIS7 Restrict website access by MAC address?
- Authentication/Access Control in PHP
- limit access through MAC address