Apply IP-blocking to frontend in addition to backend?
Permalink
Hi,
I've noticed that the IP-blocking feature in Concrete5 only blocks access to the admin-login.
Is there some additional documentation about this feature and have anybody succesfully migrated the check from the backend to the frontend?
(either by adding it to the elements/header or just the top of the theme, so the same check is made for every visit)
The purpose would be to be able to deny specific ip's access to the site, either because they have been scraping content or spamming the forms.
Looking forward to hear your thoughts.
Best regards
Tommy
I've noticed that the IP-blocking feature in Concrete5 only blocks access to the admin-login.
Is there some additional documentation about this feature and have anybody succesfully migrated the check from the backend to the frontend?
(either by adding it to the elements/header or just the top of the theme, so the same check is made for every visit)
The purpose would be to be able to deny specific ip's access to the site, either because they have been scraping content or spamming the forms.
Looking forward to hear your thoughts.
Best regards
Tommy
Nobody that has had challenge before or is it just impossible?
I haven't really worked with the blacklist, can't tell you if there's something available out of the box.
However, I do see what you're trying to achieve. Makes perfectly sense to me.
Assuming that there's nothing out of the box, it's not too difficult to build something like that without touching the core. An add-on (package) has a method on_start in its controller where you could easily interrupt the page rendering process for any page you want.
You'd probably also have to create a little dashboard interface for it... Without the interface, the package controller could be as simple as that (haven't tested it though!):
However, I do see what you're trying to achieve. Makes perfectly sense to me.
Assuming that there's nothing out of the box, it's not too difficult to build something like that without touching the core. An add-on (package) has a method on_start in its controller where you could easily interrupt the page rendering process for any page you want.
You'd probably also have to create a little dashboard interface for it... Without the interface, the package controller could be as simple as that (haven't tested it though!):
<?php defined('C5_EXECUTE') or die(_("Access Denied.")); class IpBlockerPackage extends Package { protected $pkgHandle = 'ip_blocker'; protected $appVersionRequired = '5.4.0'; protected $pkgVersion = '1.0'; public function getPackageDescription() { return t("IP Blocker blabla..."); } public function getPackageName() { return t("IP Blocker"); } public function install() { $pkg = parent::install(); }
Viewing 15 lines of 22 lines. View entire code block.