Login module for member (not administrator site)

Need help with the Administration of your Joomla! 3.x site? This is the spot for you.

Moderator: General Support Moderators

Forum rules
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Forum Post Assistant - If you are serious about wanting help, you will use this tool to help you post.
chinglu312
Joomla! Apprentice
Joomla! Apprentice
Posts: 7
Joined: Tue Jun 06, 2017 8:27 am

Login module for member (not administrator site)

Postby chinglu312 » Tue Jun 06, 2017 8:39 am

Hi all,

I am looking to block login access to member page from specific IP address. I tried .htaccess but it doesn't seems to be working. Any idea?

please take note that I am not asking about login to administrator (back end)

Appreciate if anyone here could help.

Thank you.

User avatar
websitedons
I've been banned!
Posts: 393
Joined: Sat May 27, 2017 9:42 am

Re: Login module for member (not administrator site)

Postby websitedons » Tue Jun 06, 2017 9:14 am

If you know the user(s), there is a method to block them in the admin > user manager. Otherwise you need to insert php code in the template to determine the referring IP and redirect

Code: Select all

$kickout = $_SERVER['REMOTE_ADDR'];

if( preg_match('/174.141.213.30|72.186.109.58|132.45.66.83/',$kickout) ) {
header('Location: http://google.com');
exit();
}

chinglu312
Joomla! Apprentice
Joomla! Apprentice
Posts: 7
Joined: Tue Jun 06, 2017 8:27 am

Re: Login module for member (not administrator site)

Postby chinglu312 » Wed Jun 07, 2017 1:50 am

Thanks websitedons for your solution.

In which area that i should insert this php code to? I saved this code as permission.php together with the other files in my current template. Is that correct? Picture as below. Because i tried login and it still allow me to login.

Untitled.jpg
You do not have the required permissions to view the files attached to this post.

User avatar
websitedons
I've been banned!
Posts: 393
Joined: Sat May 27, 2017 9:42 am

Re: Login module for member (not administrator site)

Postby websitedons » Wed Jun 07, 2017 4:04 am

Place it in the template's index.php at the top after the jexec definition

Code: Select all

<?php defined('_JEXEC') or die;
$kickout = $_SERVER['REMOTE_ADDR'];

if( preg_match('/174.141.213.30|72.186.109.58|132.45.66.83/',$kickout) ) {
header('Location: http://google.com');
exit();
}


If you want easy admin area management of the IP list, do some stuff to the template's templateDetails.xml and add IPs via the template manager.

Add a text area within any <fieldset> (this is assuming your template has parameters)

Code: Select all

<field name="kickout" type="textarea" label="Block IPs" />


Then add to the index.php after the jexec

Code: Select all

$kickout = $_SERVER['REMOTE_ADDR'];
$iplist = explode( PHP_EOL, $this->params->get('kickout') );

if( in_array($kickout, $iplist) ) {
header('Location: http://google.com');
exit();
}



Then enter each IP on a separate line in the text area of the template manager

chinglu312
Joomla! Apprentice
Joomla! Apprentice
Posts: 7
Joined: Tue Jun 06, 2017 8:27 am

Re: Login module for member (not administrator site)

Postby chinglu312 » Wed Jun 07, 2017 7:12 am

It's working great. But i think i didn't explain well previously.

I do not want to block a certain IP address to view my website. I want to block a certain IP address from login to member page from website.

I still want my website to be seen by everyone from any IP address, but when it comes to login to member page, i want to restrict login access from a certain IP address.

How can i do that?

Thanks.

User avatar
websitedons
I've been banned!
Posts: 393
Joined: Sat May 27, 2017 9:42 am

Re: Login module for member (not administrator site)

Postby websitedons » Wed Jun 07, 2017 7:33 am

Wrap this condition around the method you used

Code: Select all

if( JFactory::getApplication()->input->get('view') == 'login' ) {
// all the other code here
}

chinglu312
Joomla! Apprentice
Joomla! Apprentice
Posts: 7
Joined: Tue Jun 06, 2017 8:27 am

Re: Login module for member (not administrator site)

Postby chinglu312 » Wed Jun 07, 2017 9:30 am

Sorry, one last question!

What if i want to allow only 1 IP address to login to member page. how can I adjust the code?

User avatar
websitedons
I've been banned!
Posts: 393
Joined: Sat May 27, 2017 9:42 am

Re: Login module for member (not administrator site)

Postby websitedons » Wed Jun 07, 2017 3:38 pm

Add an exclamation before the either php query function and add the IPs you wish to allow

Code: Select all

if( !in_array($kickout, $iplist) ) {
header('Location: http://google.com');
exit();
}

Code: Select all

if( !preg_match('/174.141.213.30|72.186.109.58|132.45.66.83/',$kickout) ) {
header('Location: http://google.com');
exit();
}

User avatar
leolam
Joomla! Master
Joomla! Master
Posts: 18040
Joined: Mon Aug 29, 2005 10:17 am
Location: Netherlands/ UK/ S'pore/Jakarta/ North America
Contact:

Re: Login module for member (not administrator site)

Postby leolam » Wed Jun 07, 2017 5:01 pm

With all respect why are we doing this since it makes no sense at all?

@chinglu312 We have dozens of plugins that can do this but the most important defense is on hosting level. If you have a good host you can deny ip's on server level

Coding in templates etc is just BS and bad advise. Do not follow up on this (so called) advise. Any template (framework) update will overrule this. Besides that if you do not use this won server level or (less secured) extension you should set this in .htaccess and never in a template....-->weird advise given for sure by @websitedons

In general about blocking IP's: Useless (I can use any VPN to avoid your block and get to your site)

Leo 8)
Celebrating 10-Years of Professional Joomla Support Services Visit:
- Joomla Professional Support:https://gws-desk.com -
- Get Your Joomla Site in 1 Day:https://gws-deals.today -
- Member Joomla Bug Squad & J-CMS Release Team

User avatar
ribo
Joomla! Hero
Joomla! Hero
Posts: 2917
Joined: Sun Jan 03, 2010 8:47 pm
Contact:

Re: Login module for member (not administrator site)

Postby ribo » Wed Jun 07, 2017 10:31 pm

leolam wrote:Coding in templates etc is just BS and bad advise. Do not follow up on this (so called) advise. Any template (framework) update will overrule this. Besides that if you do not use this won server level or (less secured) extension you should set this in .htaccess and never in a template....-->weird advise given for sure by @websitedons

In general about blocking IP's: Useless (I can use any VPN to avoid your block and get to your site)

Leo 8)

I agree with Leo about useless of block ip and and especially with edit template or joomla core. Just extend your joomla if you want and have everything up to date and be sure that you are to a secure host server too.
chat room spontes : http://www.spontes.com

chinglu312
Joomla! Apprentice
Joomla! Apprentice
Posts: 7
Joined: Tue Jun 06, 2017 8:27 am

Re: Login module for member (not administrator site)

Postby chinglu312 » Fri Jun 09, 2017 7:05 am

I'm looking for more options for this anyway.

Thanks all for the solutions!

chinglu312
Joomla! Apprentice
Joomla! Apprentice
Posts: 7
Joined: Tue Jun 06, 2017 8:27 am

Re: Login module for member (not administrator site)

Postby chinglu312 » Tue Jun 13, 2017 8:04 am

hi websitedons,

I'm still working on it, but somehow can't get it work.
I was trying to put together with what you provide in this thread. what I'm trying to achieve now is that, to let everyone to access and view my website, but only a few ip address allow to login to member page.
If there are other ip address that are not allow to login to member page, they will be blocked from login. Am I doing it right as below?

<?php defined('_JEXEC') or die;
$kickout = $_SERVER['REMOTE_ADDR'];

if( JFactory::getApplication()->input->get('view') == 'login' ) {
if( !in_array($kickout, $iplist) ) {
if( !preg_match('/111.166.122./',$kickout) ) {
header('Location: http://google.com'); exit(); }

User avatar
websitedons
I've been banned!
Posts: 393
Joined: Sat May 27, 2017 9:42 am

Re: Login module for member (not administrator site)

Postby websitedons » Tue Jun 13, 2017 4:48 pm

chinglu312 wrote:hi websitedons,I'm still working on it, but somehow can't get it work.

Yes we got your email and someone is developing the extension for you. You will receive it via email some time today.

User avatar
websitedons
I've been banned!
Posts: 393
Joined: Sat May 27, 2017 9:42 am

Re: Login module for member (not administrator site)

Postby websitedons » Tue Jun 13, 2017 11:41 pm

The plugin has been created and sent to your email. This is what you will see
chinglu-ip-block.jpg
You do not have the required permissions to view the files attached to this post.

chinglu312
Joomla! Apprentice
Joomla! Apprentice
Posts: 7
Joined: Tue Jun 06, 2017 8:27 am

Re: Login module for member (not administrator site)

Postby chinglu312 » Tue Jun 20, 2017 4:38 am

Thanks websitedons for your help!


Return to “Administration Joomla! 3.x”

Who is online

Users browsing this forum: No registered users and 8 guests