1

We have a website and its working perfectly fine. We want to block users so they can't login into our admin section.

We have one public IP in our factory premises to access the internet and we locally make server to access the internet on other computers.

We want our website admin login section only accessibly within factory premises and no one can access the admin login section out of the factory or only specific registered user can login into admin section out the factory as well like our CEO and our project manager.

is this feature possible in Magento 1.9.2.3?

Hope you people understand my problem.

thanks

Improve this question
0

2 Answers 2

Reset to default
2

Its working perfectly fine:

RewriteCond %{REMOTE_ADDR} !^123\.123\.123\.123 RewriteCond %{REQUEST_URI} admin [NC] RewriteRule ^(.*)$ / [F,L]
Improve this answer
8
  • Now only problem is remaining how can we allow some user by "Email or Username" to login into admin at outside the factory. Commented May 31, 2016 at 12:28
  • You need to whitelist their IPs also, or use a password and username in the .htaccess for these people Commented Jun 1, 2016 at 6:15
  • can you please explain little bit more or give me some example? Commented Jun 1, 2016 at 6:16
  • If they have a static IP then you can add this IP also. With .htaccess im not sure if you can specifically block access to the backend only Commented Jun 1, 2016 at 6:20
  • Check my change above in my answer, this might be useful if you change your backend path to something weird Commented Jun 1, 2016 at 6:22
2

You have to edit your .htaccess file and add the following:

RewriteCond %{REMOTE_ADDR} !^123.123.123.123

Where 123.123.123.123 is your IP address from your factory. This below is addon to route to another path as the usual path is not recommended anyway. So you could use anything instead of /admin to access the backend.

So for your needs you could change it to something cryptic and then make user accounts for CEO and Project manager. It will barely happen that someone tries something cryptic to enter your backend. Just replace /admin below with the new URL for the backend and then it will be accessible there.

RewriteCond %{REQUEST_URI} ^/(index.php/)?admin/ [NC] RewriteRule ^(.*)$ http:// %{HTTP_HOST}/ [R=302,L]
Improve this answer
4
  • i just need to replace the IP address that i want to access the admin login access and nothing to give any other information. Commented May 31, 2016 at 6:31
  • Only the IP you are using to access it, but of course then you need a login for Magento Commented May 31, 2016 at 6:38
  • i apply the same code and replace the IP but its give an error "Internal Server Error". Commented May 31, 2016 at 6:46
  • Here above my example with the admin path Commented Jun 1, 2016 at 6:34

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.