DokuWiki

It's better when it's simple

User Tools

Site Tools


plugin:abortlogin

AbortLogin Plugin

Compatible with DokuWiki

  • 2024-02-06 "Kaos" unknown
  • 2023-04-04 "Jack Jackrum" unknown
  • 2022-07-31 "Igor" unknown
  • 2020-07-29 "Hogfather" yes

plugin Restricts login access to designated IP addresses

Last updated on
2020-07-05
Provides
Action
Repository
Source

Similar to ipban

Tagged with login

Installation

Search and install the plugin using the Extension Manager. Refer to Plugins on how to install plugins manually.

IPv6

There is a version of this plugin which supports IPv6 as well as IPv4. It has its own documentation page abortlogin:ipv6.

Usage

This plugin works entirely through settings in the Configuration Manager. You enter a list of IP addresses which are allowed to login to the wiki. All other IP addresses are blocked from logging in. It is useful only in a restricted environment or where there are relatively few users who are allowed login privileges. A restricted environment would, for instance, be a LAN or an office which has its own domain.

Caution

Ideally the admin should have access to the server with permission to make changes to local.php, where blocked IP's can, if needed, be removed, to prevent the admin's being locked out. See configuration_and_settings for more information about this topic.

Configuration and Settings

Option Description
allowed Comma separated list of allowed ip addresses
test Comma separated list of ip addresses to test; testing limited to admins only. No testing when empty.
log Keep a log of failed login attempts
enable_test Enable ip testing and initialize blocking. No blocking or testing when false.
  1. allowed: Any IP address included in this list will be allowed access to the login form. If an IP address is not included in this list, access will be denied and a 403 error message will be displayed instead of the login form.
  2. test: IP addresses included in this list will be tested against the allowed list. The results of these tests will be printed to the screen as Dokuwiki notifications when an adminstrator is logged in. To remove these notifications, the list must be removed.
  3. log: If set to true, a log of all rejected IP addresses will be kept in:
    data/meta/abortlogin/aborted_ip.log
  4. enable_test: When checked, the test IPs and most incoming login attempts are tested against the <allowed> list and their status reported when an administrator is logged in. When not checked, login attempts are not blocked. As a practical matter, this gives the admin a chance to set up an initial allowed list without being blocked. Do not forget to turn this to true after initializing your ips. To stop reporting after enable_test is set to true, remove all test IPs from the testing list.

The list of allowed IP addresses need not be complete addresses. For instance, if on your internal LAN, you have multiple users with IPs beginning with 192.168.1, you can include the following in your allowed list: 192.168.1.. All IPs on your LAN will be able to login. Please note the period after the 1. Without it, IPs with numbers like 192.168.123 could be allowed login privileges.

Be sure to test your own IP against the allowed list before logging out the first time, so that you don't accidentally lock yourself out. If that happens, you can disable the plugin by placing an empty file named disabled in the plugin's directory.

If you choose to log failed login attempts, it's a good practice to delete the log periodically, since thousands of ip addresses can potentially be logged.

Change Log

Discussion

IPV6 Support

Thank you - great plugin

Would be really great if it worked with ipv6 addresses - LG

Now available: abortlogin:ipv6.

User group based restriction

Great plugin! but there should be a way to restrict any one user group to work from a given ip address instead of restricting all users.The use case is that there can be users who are allowed to access from anywhere but there is need to restrict some user groups to work from only our place of work.

plugin/abortlogin.txt · Last modified: 2022-07-30 00:12 by Klap-in

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki