EasyCFM.COM ColdFusion Forums / Coding Help! / How to .....

   Reply to Discussion | New Discussion << previous || next >> 
Posted By Discussion Topic: How to ..... -- page: 1 2

book mark this topic Printer-friendly Version  send this discussion to a friend  new posts last

jaco5md
07-16-2007 @ 10:33 AM
Reply
Edit
Profile
Send P.M.
My Gravatar!
Powered by Gravatar
Senior Member
Posts: 492
Joined: Jul 2005

I need a way to ONLY allow specific IP address to view my site.  I know I need to do this in the application.cfm file, I just need some advise on the 'best practice' way.

Thanks!

-David

"It's only Rock 'n' Roll, but I like it"

dlackey
07-16-2007 @ 11:31 AM
Reply
Edit
Profile
Send P.M.
My Gravatar!
Powered by Gravatar
Moderator
Posts: 935
Joined: Jun 2007

Mutiple options... but IMO, the easiest is...

replace 127.0.0.1 with the IP you want allowed to view page/site.  You could put this as a variable in your Application.cfm file.

<cfif cgi.REMOTE_ADDR eq "127.0.0.1">

     cf code here
     
<cfelse>
You are not permitted to view this site.
</cfif>

Cheers,
Chip

This message was edited by dlackey on 7-16-07 @ 11:31 AM

kevsarg18
07-16-2007 @ 11:34 AM
Reply
Edit
Profile
Send P.M.
My Gravatar!
Powered by Gravatar
Senior Member
Posts: 428
Joined: Jun 2004

use the CGI.remote_addr variable to get the current visitors IP

Now, you have many ways to check that against your allow list.

Now run a query using that IP in the where.

<cfquery ....
select allowedIP from ipwhitelist where allowedIP = <cfqueryparam ... '#cgi.remoteaddr#'


If there is a row returned, they are allowed. If not, cflocation them to the page that you want, or just cfabort them on the spot.



My CFML Scripts.

jaco5md
07-16-2007 @ 11:37 AM
Reply
Edit
Profile
Send P.M.
My Gravatar!
Powered by Gravatar
Senior Member
Posts: 492
Joined: Jul 2005

That's pretty much where I'm going.  However, I need to allow groups of IP's, like (127.10.15, 172.99., 10.) and so on.

I created a list variable that has all the ip's I need to allow and I'm using ListContainsNoCase to compare the values but it's not working.

<cfset AllowIP = "127.10.15,172.99.,10.">

<cfif ListContainsNoCase(AllowIP, #CGI.REMOTE_ADDR#)>
     #CGI.REMOTE_ADDR#<br>
  IP Address is allowed
    <cfelse>
     #CGI.REMOTE_ADDR#<br>
  IP Address is not allowed
  <cfabort>
</cfif>

My IP is something like 10.xxx.xxx.xxx and I get "IP address is not allowed".

Any ideas?

-David

"It's only Rock 'n' Roll, but I like it"

kevsarg18
07-16-2007 @ 11:38 AM
Reply
Edit
Profile
Send P.M.
My Gravatar!
Powered by Gravatar
Senior Member
Posts: 428
Joined: Jun 2004

I just wanted to say that I would not wrap up content in the cfif. The cfelse of this condition is a given. we only have 2 choices, allow or not.

so just running the cfif /cfif to check if an IP is NOT allowed will suffice, and cut down code clutter.



My CFML Scripts.

dlackey
07-16-2007 @ 11:39 AM
Reply
Edit
Profile
Send P.M.
My Gravatar!
Powered by Gravatar
Moderator
Posts: 935
Joined: Jun 2007

You can store the valid IPs in a table and output the list as a comma delimited list.



Cheers,
Chip

jaco5md
07-16-2007 @ 12:31 PM
Reply
Edit
Profile
Send P.M.
My Gravatar!
Powered by Gravatar
Senior Member
Posts: 492
Joined: Jul 2005

I can't use = because I need to be able sometimes match only a part of the CGI.REMOTE_ADDR.

I need to be able to use wildcards or something like a 'Like' or 'Contains' statement because I won't have all specific IP.  Some are like:

111.xxx.xxx.xxx  (All within)
111.222.xxx.xxx  (All within)
111.222.333.xxx  (All within)
111.222.333.444  (Specific)

This code works.  Can I make it simplier?
<cfif "#CGI.REMOTE_ADDR#" CONTAINS '10.' OR "#CGI.REMOTE_ADDR#" CONTAINS '111.222.'>

-David

"It's only Rock 'n' Roll, but I like it"

This message was edited by jaco5md on 7-16-07 @ 12:55 PM

dlackey
07-16-2007 @ 12:59 PM
Reply
Edit
Profile
Send P.M.
My Gravatar!
Powered by Gravatar
Moderator
Posts: 935
Joined: Jun 2007

What DBMS are you using?

Sounds like you may need to do this on the database side...  Not to mention, it will be faster on the database server Vs. the CF server (albeit it may be neglible).

Are you storing the entire IP address as one column?  you MIGHT want to think about breaking it up into four chunks.  Then you can compare each octet as necessary.  To store the ip address, you can use the listgetat function and use the '.' as your separator.

I'm sure others have done what you are doing, I've just never had to block an IP in the manner you are doing so I'd need to sit down and think about it.  I'll keep checking on this thread and if you still need help, please post and I'll see if I can hammer out some code to help you out.  

Cheers,
Chip

jaco5md
07-16-2007 @ 1:02 PM
Reply
Edit
Profile
Send P.M.
My Gravatar!
Powered by Gravatar
Senior Member
Posts: 492
Joined: Jul 2005

Thanks Chip.  I'm actually setting allowed IP's because the box is used by many departments within my org.  That's why I can't set it using IIS or .htaccess.

Thanks for your help.

-David

"It's only Rock 'n' Roll, but I like it"

dlackey
07-16-2007 @ 1:21 PM
Reply
Edit
Profile
Send P.M.
My Gravatar!
Powered by Gravatar
Moderator
Posts: 935
Joined: Jun 2007

what DB are you using such as sql, access, etc.?  Are you open to breaking the IP up into chunks?

I can ponder this tonight and hopefully post soemthing for you tomorrow... ok?

Cheers,
Chip

PAGE: 1 2

Website Designed and Developed by Pablo Varando.