Using login_pre.sh to only allow certain IPs


Enter Your Query:
Use '%' for wildcards and quotes for "exact phrases"


Top Level » DirectAdmin » Custom Scripting

Using login_pre.sh to only allow certain IPsLast Modified: Nov 9, 2015, 11:57 pm
The login_pre.sh feature is a script that is called before each request (if it exists).  The sample script in the versions system describes how to allow one IP.  If you wish to allow more than one IP, the script would need to be changed.   Note that you can use php if you wish, and connect to an IP database, if you wanted to have a more versatile IP checking system.

The script below will describe how to create a text file to allow multiple IPs, with an easy-to-edit list.

1) Similar to the sample script, we'll create

/usr/local/directadmin/scripts/custom/login_pre.sh

in this script, add the code

#!/usr/local/bin/php
<?php

$user = getenv('username');
$ip = getenv('ip');

$ip_list = "/usr/local/directadmin/scripts/custom/ip_list.txt";

if ($user == 'demo_user' || $user == 'demo_reseller' || $user == 'demo_admin')
{
          //not worried about demos
           exit(0);
}

$lines = file($ip_list);

foreach ($lines as $ip_val)
{
       $ip_val = trim($ip_val); //remove trailing newlines
       if ($ip == $ip_val)
       {
                  exit(0);
       }
}

echo "Invalid IP";
exit(1);

?>

Save and chmod the script to 755.

2) As you may have guessed, the next step is to create the list itself.   Edit

/usr/local/directadmin/scripts/custom/ip_list.txt

and add 1 IP per line for the IPs that you wish to allow into DA.

3) This last step is optional.  If you'd like to edit the ip_list.txt from within DA itself, add it to the edit files:

cd /usr/local/directadmin/data/templates/custom
cp ../edit_files.txt .
echo "/usr/local/directadmin/scripts/custom/ip_list.txt=user=root&group=root&permission=600&secure=yes" >> edit_files.txt

which will add the file to:
Admin Level -> File Editor

so that you can edit it through DA.
 
Related Helpfiles
I only want my IP to be able to execute Admin level commands
Security Questions after DirectAdmin login for additional layer of security.

© 2018 JBMC Software, Suite 173  3-11 Bellerose Drive, St Albert, AB  T8N 1P7  Canada.  Mon-Fri 9AM-5PM MST