IP Authentication
Introduction
The "AuthenticateIPOnly" mode of mgiAuthenticateDB
allows you to grant access to pages based on the visitor's IP
number or range. You may also block access to a page based on
the visitor's IP number or range.
If the visitor accesses a protected page from an allowed IP,
the page displays. If the visitor accesses the page from an IP
that is specifically denied an error displays. If the allowedIP
parameter is not included, the page displays for visitors from
IP addresses that are not specifically denied. If the deniedIP
parameter is not included, an error displays for visitors from
IP addresses that are not specifically allowed.
The following is a generic example of IP authentication of
a page.
MGI Tags
Steps
- Open the page to protect in a text editor.
- Insert the mgiAuthenticateDB tag in AuthenticateIPOnly mode.
- Save the page.
- FTP the page to the web server running MGI.
- View the page in a browser.
Step 1: Open the page to protect in a text editor.
- Open the page you wish to protect via IP number or hostname
in a text editing program that allows you to view and modify
the HTML and code of the page.
Step 2: Insert the mgiAuthenticateDB tag in AuthenticateIPOnly
mode.
- At the top of the page, enter the mgiAuthenticateDB tag,
mode parameter, allowedIP parameters, and deniedIP parameters.
-
- In the mode parameter, enter "AuthenticateIPOnly".
At least one allowedIP or deniedIP parameter is required. To
allow a specific IP or range of IPs, enter the IP in an allowedIP
parameter. To deny a specific IP or range of IPs, enter the IP
in a deniedIP parameter. You may use the asterisk (*) as a wildcard
in any part of the IP number to represent the full range of an
IP block. For example, if you want to allow all visitors from
the "205.160.14" Class C block to access a page, you
would enter "205.160.14.*" as the parameter value.
You may also use multiple allowedIP and deniedIP parameters in
one mgiAuthenticateDB tag to create any combination of allowed
and denied IPs you prefer.
-
- Should an IP number fall within more than one allowedIP or
deniedIP parameters, the most restrictive parameter will execute.
For example, if you have an allowedIP for "205.160.14.*"
and a deniedIP for "205.160.14.230", then a visitor
from "205.160.14.230" will be denied.
-
- The following example allows all users from the "205.145.26.*"
Class C block and the "206.125.12.*" Class C block
and denies access to the users "205.145.26.15" and
"206.125.12.145".
<mgiAuthenticateDB mode="AuthenticateIPOnly"
allowedIP="205.145.26.*" allowedIP="206.125.12.*"
deniedIP="205.145.26.15" deniedIP="206.125.12.145">
Step 3: Save the page.
- Save the changes you have made to the page.
Step 4: FTP the page to the web server running MGI.
- Upload the page from your local computer to the web server
using an FTP program.
Step 5: View the page in a browser.
- Access the IP authenticated page in a web browser. If your
IP address matches an allowed IP address or range and does not
match a denied IP address or range, the page displays. If your
IP address does not match an allowed IP address or range or does
match a denied IP address or range, an error displays.
|