DokuWiki

It's better when it's simple

User Tools

Site Tools

Trace:
plugin:abortlogin

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
plugin:abortlogin [2017-12-16 18:18] – [Discussion] turnermmplugin:abortlogin [2022-07-30 00:12] (current) Klap-in
Line 1: Line 1:
-====== abortlogin Plugin ======+====== AbortLogin Plugin ======
  
 ---- plugin ---- ---- plugin ----
Line 6: Line 6:
 email      : turnermm02@shaw.ca  email      : turnermm02@shaw.ca 
 type       : action type       : action
-lastupdate : 2017-12-04 +lastupdate : 2020-07-05 
-compatible : hrun,detritus,"Elenor Of Tsort","Frusterick Manners+compatible : HrunDetritus, Elenor of Tsort, Frusterick Manners, Greebo, Hogfather
 depends    :  depends    : 
 conflicts  conflicts 
Line 15: Line 15:
 downloadurl: https://github.com/turnermm/abortlogin/archive/master.zip downloadurl: https://github.com/turnermm/abortlogin/archive/master.zip
 bugtracker : https://github.com/turnermm/abortlogin/issues bugtracker : https://github.com/turnermm/abortlogin/issues
-sourcerepo : https://github.com/turnermm/abortlogin/+sourcerepo : https://github.com/turnermm/abortlogin
 donationurl: http://mturner.org/userfiles/donate.php  donationurl: http://mturner.org/userfiles/donate.php 
  
Line 24: Line 24:
 ===== Installation ===== ===== Installation =====
  
-Install the plugin using the [[plugin:plugin|Plugin Manager]] and the download URL above, which points to latest version of the plugin. Refer to [[:Plugins]] on how to install plugins manually.+Search and install the plugin using the [[plugin:extension|Extension Manager]]. Refer to [[:Plugins]] on how to install plugins manually.
  
 +
 +
 +==== IPv6 ====
 +There is a version of this plugin which supports IPv6 as well as IPv4.  It has its own documentation page [[plugin:abortlogin:ipv6|abortlogin:ipv6]].  
 ===== Usage ===== ===== Usage =====
 This plugin works entirely through settings in the Configuration Manager.  You enter a list of IP addresses which are allowed to login to the wiki.  All other  IP addresses are blocked from logging in.  It is useful only in a restricted environment or where there are relatively few users who are allowed login privileges.  A restricted environment would, for instance, be a LAN or an office which has its own domain.   This plugin works entirely through settings in the Configuration Manager.  You enter a list of IP addresses which are allowed to login to the wiki.  All other  IP addresses are blocked from logging in.  It is useful only in a restricted environment or where there are relatively few users who are allowed login privileges.  A restricted environment would, for instance, be a LAN or an office which has its own domain.  
Line 36: Line 40:
 ===== Configuration and Settings ===== ===== Configuration and Settings =====
  
-^Option^Description^ +^ Option           ^ Description                                                                                           
-|''allowed'' |Comma separated list of allowed ip addresses| +| ''allowed''      | Comma separated list of allowed ip addresses                                                          
-|''test''| Comma separated list of ip addresses to test; testing limited to admins only| +| ''test''         | Comma separated list of ip addresses to test; testing limited to admins only. No testing when empty.  
-|''log''| Keep a log of failed login attempts|+| ''log''          | Keep a log of failed login attempts                                                                   | 
 +| ''enable_test''  | Enable ip testing and initialize blocking. No blocking or testing when false.                         |
  
   - ''allowed'': Any IP address included in this list will be allowed access to the login form.  If an IP address is not included in this list, access will be denied and a 403 error message will be displayed instead of the login form.   - ''allowed'': Any IP address included in this list will be allowed access to the login form.  If an IP address is not included in this list, access will be denied and a 403 error message will be displayed instead of the login form.
   - ''test'': IP addresses included in this list will be tested against the allowed list.  The results of these tests will be printed to the screen as Dokuwiki notifications when an adminstrator is logged in.  To remove these notifications, the list must be removed.     - ''test'': IP addresses included in this list will be tested against the allowed list.  The results of these tests will be printed to the screen as Dokuwiki notifications when an adminstrator is logged in.  To remove these notifications, the list must be removed.  
   - ''log'': If set to true, a log of all rejected IP addresses will be kept in:\\ ''data/meta/abortlogin/aborted_ip.log''   - ''log'': If set to true, a log of all rejected IP addresses will be kept in:\\ ''data/meta/abortlogin/aborted_ip.log''
 +  - ''enable_test'':  When checked, the test IPs and most incoming login attempts are tested against the <allowed> list and their status reported when an administrator is logged in. When not checked, login attempts are not blocked. As a practical matter, this gives the admin a chance to set up an initial allowed list without being blocked.  **//Do not forget to turn this to true after initializing your ips.//**  To stop reporting after ''enable_test'' is set to true, remove all test IPs from the testing list. 
  
-The list of allowed IP addresses need not be complete addresses. For instance, if on your internal LAN, you have multiple users with IPs beginning with 192.168.1, you can include the following in your allowed list: ''192.168.1.'' All IPs on your LAN will be able to login.  Please note the period after the 1.  Without it, IPs with numbers like ''192.168.123'' could be allowed login privileges.  Be sure to test your own IP against the allowed list before logging out the first time, so that you don't accidentally lock yourself out.  If that happens, you can disable the plugin by placing an empty file named ''disabled''in the plugin's directory.+The list of allowed IP addresses need not be complete addresses. For instance, if on your internal LAN, you have multiple users with IPs beginning with 192.168.1, you can include the following in your allowed list: ''192.168.1.'' All IPs on your LAN will be able to login.  Please note the period after the 1.  Without it, IPs with numbers like ''192.168.123'' could be allowed login privileges.  
 + 
 +Be sure to test your own IP against the allowed list before logging out the first time, so that you don't accidentally lock yourself out. If that happens, you can disable the plugin by placing an empty file named ''disabled'' in the plugin's directory.
  
 If you choose to log failed login attempts, it's a good practice to delete the log periodically, since thousands of ip addresses can potentially be logged. If you choose to log failed login attempts, it's a good practice to delete the log periodically, since thousands of ip addresses can potentially be logged.
Line 52: Line 60:
  
 ===== Discussion ===== ===== Discussion =====
 +==== IPV6 Support ====
 +
 Thank you - great plugin Thank you - great plugin
  
 Would be really great if it worked with ipv6 addresses - LG Would be really great if it worked with ipv6 addresses - LG
->> Don't see why this is not possible since the plugin uses regular expresssions to test against ips. Please use forum or github for discussion, thnx, ---[[user>turnermm|Myron Turner]] //2017-10-26 23:18// 
  
->> if there is anyone needing ipv6 please post here.  I have been working on supplying ipv6 support. --- [[user>turnermm|Myron Turner]] //2017-12-16 18:17//+>>Now available: [[plugin:abortlogin:ipv6|abortlogin:ipv6]]
 + 
 + 
 +==== User group based restriction ====
  
 +Great plugin! but there should be a way to restrict any one user group to work from a given ip address instead of restricting all users.The use case is that there can be users who are allowed to access from anywhere but there is need to restrict some user groups to work from only our place of work.
 +>>See: https://github.com/turnermm/abortlogin/issues/5
plugin/abortlogin.1513444729.txt.gz · Last modified: 2017-12-16 18:18 by turnermm
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki

Global DokuWiki Links