Reputation: 35
only allow certain ips to access my "family site"?
for some days i have been struggeling with making only certain ips accessing my family site since i only want my family to be enable to access the site. ill need some help by your guys. This is how far i have gotten and if ip is not in database it will redirect to www.google.com .
The code:
$ip =$_SERVER['REMOTE_ADDR'];
$result = mysql_query('SELECT * FROM `ips` WHERE `ip`="' . $ip . '"');
if(mysql_affected_rows($link) < 0){
header('location:http://google.com');
}
EDIT: Got an idea of what i can use that wont change the computer mac address so the code will need change of the table and the names inside. How will i go about that , so when the user try to access my site it does a check if the mac adress of the computer is in database else redirect to google.com.
Kind regards Fredrik
Upvotes: 2
Views: 911
Answers (5)
Reputation: 5136
If you use Apache as your webserver you can change the directory node content in the httpd.conf configuration file to Allow from YOUR_IP and Deny from all. This is usually a more suitable place to create such restrictions.
Note that the default Apache access for <Directory /> is Allow from All. This means that Apache will serve any file mapped from an URL. Change this with a block such as
<Directory />
Order Deny,Allow
Deny from All
Allow from IP
</Directory>and then override this for directories you want accessible.
For the redirect part you can add this to your httpd.conf to redirect to google on 403 Forbidden errors. Don't forget to restart the webserver after you made the changes.
ErrorDocument 403 http://www.google.com
Upvotes: 0
Reputation: 146450
I'm not really sure of what the question is, but if you want to password-protect a site and you don't want to make your users generate yet another password, you can try out the LightOpenID library. This way, your family can log in with the OpenID identifier of their choice. You just need to keep a list of their identifiers. It's roughly the authentication system used at StackOverflow.
As about OpenID accounts, you already have one if you use Google, Yahoo or many other sites.
Upvotes: 3
Reputation: 2140
You could also consider trying to do this with htaccess. Check out stupid htaccess tricks.
A better way might be to use an htaccess password here's a free tool which is also pretty simple to set up.
Also, instead of checking affected rows you should check the number of rows returned in your code. Check out the PHP manual
Upvotes: 1
Reputation: 43810
IP addresses change very often so they might have access one day and on the next it will be different and they will lose the priviledge.
You will be better off by creating a login system. This way, from anywhere they can access the information you want to share.
Upvotes: 1
Reputation: 507
The mysql_affected_rows is for INSERT, UPDATE OR DELETE Use this:
if(mysql_num_rows($result) == 0){
header('location:http://google.com');
}
And why do you use the $link variable instead of $result?
Upvotes: 1
Related Questions
- Efficiently Banning IPs Using php and mysql?
- Restricting access to a site using IP address
- banning user ip through php or apache
- restrict website for all other IP addresses except mine
- Block site access other than selected people
- How do I allow only certain IP's to view webpages?
- Restricting Access by IP, cookies? - Any better solution?
- Restricting access via IP-ranges (PHP)
- Allowing website access only from a specific network
- Banning by IP with php/mysql