1 Reply Latest reply on Jun 13, 2014 9:10 AM by whoiskevin

    Need to restrict access to Admin console by IP range

    kevin.brewster@accelrys.com

      Hello,

      A recent security audit has required us to restrict access to the admin console by ip range. Can you advise on how to restrict by ip range?

       

      Thanks,

        • Re: Need to restrict access to Admin console by IP range
          whoiskevin

          I do this by modifying the Apache configuration on the Jive boxes.  The file I modify is <jive install>/etc/httpd/sites/default.conf

           

          This is an example of the changed I add:

           

          <Location /admin>

                 Order deny,allow

                 SetEnvIF X-Forwarded-For "^10\.10\.[4-8]\.\d+$" AllowAdminByIP

           

                 Allow from env=AllowAdminByIP

                 Deny from all

             </Location>

           

          This example limits based on the X-Forwarded-For header for IP addresses in the range 10.10.4.x to 10.10.8.x. You could use another header that identifies the IP address if there is something custom you use in your environment.  And of course you can have as many of these checks as needed.