User Restrictions

[teppo]

User Restrictions is a module that can — currently, I do have some future additions in mind — be used to restrict admin access for users so that requests must come from a specific list of allowed IP addresses, or alternatively must match a set of geolocation rules. For geolocation I've been using ipgeolocation.io, which is a paid service, but they do provide a free developer access.

Configuration is handled via $config->UserRestrictions:

$config->UserRestrictions = [

	// by default restrictions are enabled when debug mode is off
	// 'login_restriction_enabled' => ...,

	// define users that are restricted
	'login_restriction_enabled_for' => [
		// 'my_admin_username' or 'user:my_admin_user' (username)
		// 41 or 'user:41' (user ID)
		// 'role:superuser' (role)
		// 'regex:/.*/' (regex pattern, which is matched against username)
	],

	// list of valid IP addresses
	'valid_ip_addresses' => [],

	// list of valid geolocations
	'valid_geolocations' => [],

	// geolocation API settings (optional, required only if valid geolocations are specified
	'geolocation_api_url' => 'https://api.ipgeolocation.io/v2/ipgeo?apiKey={api_key}&ip={ip}',
	'geolocation_api_key' => '',

	// error display and logging behaviour
	'display_errors' => false,
	'log_errors' => true,
];

 This module is somewhat experimental at the moment, so please tread carefully. Let me know if you run into any issues, or have any suggestions/ideas for the module 🙂

https://github.com/teppokoivula/UserRestrictions

https://packagist.org/packages/teppokoivula/user-restrictions