Saturday, December 26, 2009

How to create Admin page with 1 IP access

Author: Admin | Posted at: 10:45 PM | Filed Under:
How to create Admin page with 1 IP access
Hi coding freak...back again with me at php tutorial. In this php tutorial i will show you how to make out website to more secure. Each website must have the admin page. Page admin here means the web pages that are used by webmasters to manage content and web interface. Surely we would not want if the admin page is known by other parties. Using your username and password would be fine, but didn't rule out other users will break into the security log that you created.

In addition to using the username and password, there are other ways to secure the admin page. Namely by limiting the IP Address. So only certain IP address that can open the pages of this admin. Ah, after a long story, of course you can not wait to find out how to create a secure admin page.

First of all, you need to know your IP address. To find out, you can use the following command:


<?php
  print ?Your IP : ?.$HTTP_SERVER_VARS['REMOTE_ADDR'];
?>


If so, then in the admin section, (suppose you put in the folder? Administrator /index.php?), You type the following command at the beginning of the script:


<?php
  $ip = ?127.0.0.1? // <-- IP which has been noted previously
  if($HTTP_SERVER_VARS['REMOTE_ADDR'] != $ip) {
  header(?location: ../index.php);
  } else {
  Setcookie(?ip?,$ip); }
?>


Then, for every other web page, (which is also found in the administrator folder) you add the following command:


<? php
  $ ip =? $ _COOKIE [? ip?];? / / Call cookies ip
  if ($ HTTP_SERVER_VARS [ 'REMOTE_ADDR']! = $ ip) (
  print? You don't have access to this page .....!!!!?;
  ) Else (
  / / Display your menu
  )
?>


Don't forget to do the call or session cookies for the username and password you created.
The above examples are only for calling cookies to IP Address. You can also create more than 1 IP address that can access your admin page. Of course by using the database.


CREATE TABLE `my_web`.`tb_admin` (
  `id` BIGINT( 20 ) NOT NULL AUTO_INCREMENT PRIMARY KEY ,
  `ip` VARCHAR( 30 ) NOT NULL
  ) ENGINE = MYISAM

  INSERT INTO `my_web`.`tb_admin` (
  `id` ,
  `ip`
  )
  VALUES (
  NULL , '127.0.0.1'
);

Config.php

<?php
$host = ?localhost?;
$user = ?root?;
$pass = ??;
$connect = mysql_connect($host,$user,$pass) or die (?Please check your host,username or password..?);
$pilih_db = mysql_select_db(?my_web?);
?>



Then in the index.php that located in the folder administrator, type the following script:

index.php

<?php
  Include(?config.php?);
  $ip = $HTTP_SERVER_VARS['REMOTE_ADDR'];
  $valid_ip = mysql_query(?SELECT * FROM tb_admin WHERE ip=?$ip??);
  if (!= $valid_ip) {
  print ?You don't have access to this page !?;
  } else {
  // Display your menu
  }
?>

Although in this way will not make our website 100% secure, but at least we have made efforts to secure our website.

Good luck ....

Related Posts by Categories



2 comments:

Puji Antoro on December 28, 2009 at 8:02 PM said...

it's really nice info,thx :D

Andar Sevenfold on December 29, 2009 at 9:39 PM said...

You're welcome :D

Post a Comment

Subscribe to: Post Comments (Atom)

Maybe this is what you looking for

 

Subscribe Now

 Subscribe in a reader

Followers

IT Skill is not enough... Copyright © 2009 Designed by Bie Blogger Template