PageRenderIPRestriction by Teppo

This module adds basic capability to restrict page rendering to selected number of IP addresses.

Page Render IP Restriction Module

This module adds basic IP restriction capabilities to page rendering. Please note that this is only meant to be used as an additional security measure in addition to typical username/password authentication or something similar, not on it's own.

This is very important especially if protected content is valuable and/or sensitive. In those cases it would also be a much better idea to add all IP restriction rules within (software or hardware) firewall instead of relying on a module.

Installing


Copy PageRenderIPRestriction folder to your /site/modules/, go to Admin > Modules, hit "Check for new modules" and install Page Render IP Restriction. That's it.

How to use


Default settings for this module don't introduce any restrictions. You should edit module settings (Admin > Modules > Page Render IP Restriction) to include those IPs you wish to allow access to your site for. Please note that if you fill in at least one IP address and check both "Restrict admin access" and "Restrict access for authenticated users" checkboxes you will no longer be able to reach Admin without valid IP.

Settings


Allowed IPs

  • IP addresses that have access to your site
  • Each address on it's own line
  • Supported formats: 127.0.0.1 (individual IPs), 127.0.0.1-127.0.0.255 (IP ranges) and 127.0.0.0/24 (CIDR)
  • Default: null

Access denied message

  • What message should users get when they're being denied access?
  • Leave blank to show no message. HTML markup is supported.
  • Default: null

Access denied action

  • What should happen when user is denied access?
  • Possible values: "Exit with specified message" or "Redirect user to login page", but latter option has no effect if admin access is also restricted
  • Default: null (send HTTP/1.1 403 Forbidden header + no message)

Restrict admin access

  • If you check this box, admin pages will only be available for users with valid IPs
  • Default: false

Restrict access for authenticated users

  • If you check this box, IP restriction will also apply to authenticated (logged in) users.
  • Default: false

Exceptions to access restriction (allowed paths)

  • With this setting you can define paths that are excluded from access restriction
  • You can optionally specify the request method: /my-allowed-url/ POST
  • Default: null

Exceptions to access restriction (allowed domains)

  • With this setting you can define domains that are excluded from access restriction
  • Default: null

Install and use modules at your own risk. Always have a site and database backup before installing new modules.

Twitter updates

  • This week ProcessWire (3.0.175) gained the ability to maintain separate read-only and read-write database connections to optimize scalability, cost and performance. The post covers why this can be so valuable and how to configure it in ProcessWire— More
    2 April 2021
  • ProcessWire 3.0.174 core updates: improvements to the new path/URL hooks and more— More
    12 March 2021
  • ProcessWire 3.0.173 adds several new requested features and this post focuses on one of my favorites: the ability to hook into and handle ProcessWire URLs, independent of pages— More
    5 March 2021

Latest news

  • ProcessWire Weekly #361
    In the 361st issue of ProcessWire Weekly we'll take  closer look at a new third party module called Copy Markdown, and check out the latest weekly update from Ryan. Read on!
    Weekly.pw / 10 April 2021
  • ProcessWire 3.0.175 adds new database scalability options
    This week ProcessWire gained the ability to maintain separate read-only and read-write database connections to optimize scalability, cost and performance. The post covers why this can be so valuable and how to configure it in ProcessWire.
    Blog / 2 April 2021
  • Subscribe to weekly ProcessWire news

“We chose ProcessWire because of its excellent architecture, modular extensibility and the internal API. The CMS offers the necessary flexibility and performance for such a complex website like superbude.de. ProcessWire offers options that are only available for larger systems, such as Drupal, and allows a much slimmer development process.” —xport communication GmbH