Restrict access to a single MS site based on IP (7 posts)

  1. Doug
    Posted 4 years ago #

    I have a client who needs to control access to certain sites on a multisite install based upon IP address/range -- i.e., if a user is attempting to visit from a non-sanctioned IP, their access is denied, yet those on allowed ranges enjoy unfettered access to the content.

    What's the easiest way to go about doing such a thing?

  2. Probably via .htaccess though you;d have to have some nested checks in there, and I'm not sure how that would work.

    That's a case for a separate install, though.

  3. Doug
    Posted 4 years ago #

    For organizational- and training-related reasons, this pretty much *has* to run out of a single MS install.

  4. Does it have to be IP restricted? Or can it be user based?

  5. Doug
    Posted 4 years ago #

    Alas, it needs to be IP restricted. I've offered up Tadlock's Members plugin (and similar) but C-level execs seem to have an allergy to login dialogs. They want lurkers to have access to the site's content but want to keep prying eyes out. (Think: intranet site on a large corporate network which may well have 3rd party contractors and even competitors with some manner of access on it.)

  6. Brian Layman
    Posted 4 years ago #

    There are probably gazillion ways you can do this.

    The first one that pops into mind would involve hooking into init and then do wp_redirect to a pretty error page on your root blog if the person is not allowed in: "You have tried to access a restricted blog. The Hunter Destroyers have been dispatched."

    To check for the IP you can have a multi-dimensional load from site-meta that has a big list of blogID->ApprovedIP pairs and a UI to maintain it.

    The function on init does an isset() to see if there is anything under that blog id. If that blog ID is not found, don't redirect - it's not a filtered blog. If there are entries for the blog, then look for the $_SERVER['REMOTE_ADDR'] in the 2nd dimension of the array. If found don't redirect else do.

    Make sense?

  7. Brian Layman
    Posted 4 years ago #

    Better yet, populate it through a CSV file they upload. They'll love that.

Topic Closed

This topic has been closed to new replies.

About this Topic