I do have a solution in the works that combines the two approaches. I have an abstract IP-address checker that can be used to set control lists based on inbound IP patterns. You could use it in hook_init() to deny access to /admin. To give an idea, here a use-case. -- On user login, if the user name matches user 1, check the IP control list for 'admin login'. -- We then regex the IP (127.0.0.100) vs. a list of valid IPs for that control list. -- The list can contain full octets or partials, with regex patterns \d and 0-9. -- So 127.0.0.100 would match the patterns 127.0 or 127.0.0.10\d. -- On fail, disallow the login. All the module actually does is return boolean TRUE/FALSE for the check, and then cache the results for performance. The cache is wiped when control lists are updated. The control lists are managed through a UI (though they can also be defined in a hook and marked as "uneditable" through the UI). Problem is, the code is unfinished, and needs 20-30 hours of love. If anyone is interested in co-maintaining, I can set up a CVS project. Anyone interested should send me a note off-list. - Ken Rickard agentrickard On Fri, Oct 2, 2009 at 9:19 AM, Jennifer Hodgdon <yahgrp@poplarware.com> wrote:
Philip Mather wrote:
Afternoon, I'm the paranoid type and so after installing and setting up my lovely new drupal site I decided that, with all due respect, I'd feel much more comfortable restricting access to the /admin section with an apache password prompt. [...]
It looks like your solution is somewhat different from the approach of http://drupal.org/project/securesite
Would you consider writing up a page for the Drupal Handbook explaining what you did? And maybe mentioning the module above too, and what the differences are, and any other modules you found that have similar aims? It could possibly go under: - Advanced installation http://drupal.org/node/346385 - Beyond the Basics - How Tos http://drupal.org/handbook/customization/howto - Comparisons of contributed modules (if you have several modules to compare) http://drupal.org/node/266179
Anyone with a drupal.org account (which anyone can get) can write a book page. Just navigate to the parent page and click "Add child page" at the bottom.
--Jennifer
-- Jennifer Hodgdon * Poplar ProductivityWare www.poplarware.com Drupal, WordPress, and custom Web programming
-- Ken Rickard agentrickard@gmail.com http://ken.therickards.com