DokuWiki

It's better when it's simple

User Tools

Site Tools


plugin:abortlogin

abortlogin Plugin

Compatible with DokuWiki

  • 2017-02-19 "Frusterick Manners" yes
  • 2016-06-26 "Elenor Of Tsort" yes
  • 2015-08-10 "Detritus" yes
  • 2014-09-29 "Hrun" yes

plugin Restricts login access to designated IP addresses

Last updated on
2017-03-16
Provides
Action
Repository
Source

Tagged with login

Installation

Install the plugin using the Plugin Manager and the download URL above, which points to latest version of the plugin. Refer to Plugins on how to install plugins manually.

Usage

This plugin works entirely through settings in the Configuration Manager. You enter a list of IP addresses which are allowed to login to the wiki. All other IP addresses are blocked from logging in. It is useful only in a restricted environment or where there are relatively few users who are allowed login privileges. A restricted environment would, for instance, be a LAN or an office which has its own domain.

Caution

Ideally the admin should have access to the server with permission to make changes to local.php, where blocked IP's can, if needed, be removed, to prevent the admin's being locked out. See configuration_and_settings for more information about this topic.

Configuration and Settings

OptionDescription
allowed Comma separated list of allowed ip addresses
test Comma separated list of ip addresses to test; testing limited to admins only
log Keep a log of failed login attempts
  1. allowed: Any IP address included in this list will be allowed access to the login form. If an IP address is not included in this list, access will be denied and a 403 error message will be displayed instead of the login form.
  2. test: IP addresses included in this list will be tested against the allowed list. The results of these tests will be printed to the screen as Dokuwiki notifications when an adminstrator is logged in. To remove these notifications, the list must be removed.
  3. log: If set to true, a log of all rejected IP addresses will be kept in:
    data/meta/abortlogin/aborted_ip.log

The list of allowed IP addresses need not be complete addresses. For instance, if on your internal LAN, you have multiple users with IPs beginning with 192.168.1, you can include the following in your allowed list: 192.168.1.. All IPs on your LAN will be able to login. Please note the period after the 1. Without it, IPs with numbers like 192.168.123 could be allowed login privileges. Be sure to test your own IP against the allowed list before logging out the first time, so that you don't accidentally lock yourself out. If that happens, you can disable the plugin by placing an empty file named disabled. in the plugin's directory.

If you choose to log failed login attempts, it's a good practice to delete the log periodically, since thousands of ip addresses can potentially be logged.

Change Log

Discussion

Thank you - great plugin

plugin/abortlogin.txt · Last modified: 2017-08-04 19:28 by turnermm