Fabian Lange wrote:
> To follow my proposal, and make it really simple:
>
> Add to all non production controllers:
>
> <?php
> //This prevents accidental access to non production frontends
> if (!in_array($_SERVER['REMOTE_ADDR'], array('127.0.0.1')))
> {
> echo('Your IP '.$_SERVER['REMOTE_ADDR'].' is not in set of allowed IPs.');
> echo('Check '.__FILE__.' For more information. ');
> die();
> }
>
Good post, and good points IMO.
I like the idea that it's 'safe' by default, and someone has to apply
their brain slightly to make it less secure. No overheads too, that's a
good point.
Fabien proposed that the scope of this problem goes behond just the
front dev controllers, what are you thoughts on that out of interest?
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"symfony developers" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/symfony-devs?hl=en
-~----------~----~----~----~------~----~------~--~---
