Skip to content
/ adminfirewall Public

Limit Access to Magento administration panel based on a set of IP addresses

License

GPL-3.0 license
20 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

defactodesign/adminfirewall

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
src/app
src/app
 
 
CHANGELOG.md
CHANGELOG.md
 
 
LICENSE.TXT
LICENSE.TXT
 
 
README.md
README.md
 
 
composer.json
composer.json
 
 
modman
modman
 
 

Repository files navigation

Defacto_Adminfirewall

Restrict access to the administration panel via an IP whitelist.

Tested with Magento 1.9.x+ most likely will work with earlier versions.

The module will prevent access to any administration area, regardless of the frontname used. This means it will protect against modules that incorrectly add admin controllers without the administration prefix (Fixed in supee-6788).

Pull requests welcome.

[email protected]

FAQs

Why do you extend the event observer rather than defining your own observer for the same event?

It is imperative that the code in our event observer is processed before the default admin observer, otherwise it will not prevent brute force login attempts against non-default admin frontnames. Since Magento has no mechanism to control the order of event observers, rewritting the original observer is the cleanest option.

About

Limit Access to Magento administration panel based on a set of IP addresses

Resources

Readme

License

GPL-3.0 license
Activity
Custom properties

Stars

20 stars

Watchers

8 watching

Forks

2 forks
Report repository

Releases

2 tags

Packages

No packages published

Languages