On 3 May 2011 09:53, Peter Hickman <[email protected]> wrote: > However this assumes that the site is hosted in some place where the > firewall is easy to access.
What assumes this? Without you quoting anything, we're into the realms of having to guess what bit you're replying to... and that way ends in confusion... I would like to point out that I said "the easiest solution *may* be"... I'm fully aware that some parts of system config aren't always available - but it's also worth considering that maybe if you can't access some part of the system that you *want* to, then maybe hosting somewhere else maybe better... (again, "may") > It would be better Would it? I'd prefer to suggest options, and let the OP decide what would and wouldn't be best for them. > if this were part of the app itself, > (a before filter that checks the ip > address and / or the x-forwarded header)? I suggested that too... did you stop reading my post when you objected to the possibility of managing a firewall? > Could you not go for username / password access first and then reject > the user based on the ip address Great way to annoy users "Thank you for providing correct credentials, but get lost anyway..." :-/ It would probably be nicer to deny on IP address first, that way you wouldn't expose your login forms on systems whose IP addresses you don't want logging in for whatever reason. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
