I do have a solution in the works that combines the two approaches. I have an abstract IP-address checker that can be used to set control lists based on inbound IP patterns. You could use it in hook_init() to deny access to /admin.
To give an idea, here a use-case. -- On user login, if the user name matches user 1, check the IP control list for 'admin login'. -- We then regex the IP (127.0.0.100) vs. a list of valid IPs for that control list. -- The list can contain full octets or partials, with regex patterns \d and 0-9. -- So 127.0.0.100 would match the patterns 127.0 or 127.0.0.10\d. -- On fail, disallow the login. All the module actually does is return boolean TRUE/FALSE for the check, and then cache the results for performance. The cache is wiped when control lists are updated. The control lists are managed through a UI (though they can also be defined in a hook and marked as "uneditable" through the UI). Problem is, the code is unfinished, and needs 20-30 hours of love. If anyone is interested in co-maintaining, I can set up a CVS project. Anyone interested should send me a note off-list. - Ken Rickard agentrickard On Fri, Oct 2, 2009 at 9:19 AM, Jennifer Hodgdon <[email protected]> wrote: > Philip Mather wrote: >> >> Afternoon, >> I'm the paranoid type and so after installing and setting up my lovely >> new drupal site I decided that, with all due respect, I'd feel much more >> comfortable restricting access to the /admin section with an apache >> password >> prompt. [...] > > It looks like your solution is somewhat different from the approach of > http://drupal.org/project/securesite > > Would you consider writing up a page for the Drupal Handbook explaining what > you did? And maybe mentioning the module above too, and what the differences > are, and any other modules you found that have similar aims? It could > possibly go under: > - Advanced installation http://drupal.org/node/346385 > - Beyond the Basics - How Tos http://drupal.org/handbook/customization/howto > - Comparisons of contributed modules (if you have several modules to > compare) http://drupal.org/node/266179 > > Anyone with a drupal.org account (which anyone can get) can write a book > page. Just navigate to the parent page and click "Add child page" at the > bottom. > > --Jennifer > > -- > Jennifer Hodgdon * Poplar ProductivityWare > www.poplarware.com > Drupal, WordPress, and custom Web programming > > -- Ken Rickard [email protected] http://ken.therickards.com
