Small width layout Medium width layout Maximum width layout Small text Medium text Large text
     Search
Downloads Downloads Directory Directory Forums Forums Forge Forge Blogs Blogs        Marketplace Marketplace Careers Program Careers
Community › Forums Register  |  

telerik -- supercharge your DNN websites
  Ads  
Active Modules -- Active Forums for DotNetNuke
 


  Sponsors  

Meet Our Sponsors

SmarterTools
The Official Microsoft ASP.NET Website
Portal Webhosting - Hosting For Developers
Red-Gate Software
MaximumASP
SourceGear - Tools for Developers
 


DotNetNuke Forums
 
  Forum  General DotNetN...  Configure It! (...  Prevent external logins for Host/Admin users
Previous Previous
 
Next Next
New Post 11/26/2007 3:05 PM
User is offline bitpail
31 posts
10th Ranked


Prevent external logins for Host/Admin users 

Is it possible to prevent Host and Admin users from logging in externally, that is from outside a company intranet?
 
New Post 11/26/2007 8:55 PM
User is offline Shawn Mehaffie
2048 posts
5th Ranked




Re: Prevent external logins for Host/Admin users 

If this is an intranet site, then I would put firewall rules in place to limit access to the site to internal IP addresses.  If for some reason you cannot do this through the firewall (no access to firewall, etc) then you can also limit access by IP address within IIS Management Console.
 
New Post 11/27/2007 2:21 AM
User is offline Ion Lenta
13 posts
10th Ranked


Re: Prevent external logins for Host/Admin users 

This is actually a very good idea !!

I think now it cannot be done without modifying the source-code, but that is why we LOVE open-source isn't it?

My suggestions:

1. Modify UserValidStatus.vb, add
EXTERNALIP = 5
right after the line:
UPDATEPASSWORD = 4

2. Modify Login.ascx.vb (I'm not an expert in Visual Basic, so excuse my mistakes. I'm more in C# world)
right after
            If Not objUser.IsSuperUser Then
                validStatus = UserController.ValidateUser(objUser, PortalId, ignoreExpiring)
            End If
add something like this:
If Not Request.UserHostAddress().StartWith("192.168") Then validStatus=UserValidStatus.EXTERNALIP

3. Handle the UserValidStatus.EXTERNALIP in the Select just below I suggest adding something like this:
                Case UserValidStatus.EXTERNALIP
                    strMessage = "Admins can login only from inzide the corporate network!"
                    AddLocalizedModuleMessage(strMessage, ModuleMessageType.YellowWarning, True)
                    PageNo = 0

Hope this helps.

Regards, Ion
 
New Post 11/27/2007 5:15 AM
User is offline Jeff Cochran
1513 posts
5th Ranked


Re: Prevent external logins for Host/Admin users 

 bitpail wrote

Is it possible to prevent Host and Admin users from logging in externally, that is from outside a company intranet?

What the others are trying to say is -- No.  :)

Technically, to DNN, there is no internal/external.  Everybody is external.  But there are ways to handle this, specifically with auditing of logs and a policy that says anyone logging in from outside the intranet will be terminated.  You might also use a proxy to block access to the login URL from outside, bypassing the proxy internally.

As usual, rotate admin/host passwords regularly, use strong passwords and audit logon attempts.  Use the AD provider to manage this through policies.

Jeff
 
New Post 11/27/2007 6:58 AM
User is offline bitpail
31 posts
10th Ranked


Re: Prevent external logins for Host/Admin users 

Great, this is exactly what I was talking about, thanks Ion.
 
 Page 1 of 212Next 
Previous Previous
 
Next Next
  Forum  General DotNetN...  Configure It! (...  Prevent external logins for Host/Admin users
 


Forum Policy

These Discussion Forums are dedicated to the discussion of the DotNetNuke Web Application Framework.

For the benefit of the community and to protect the integrity of the project, please observe the following posting guidelines:

1. No Advertising. This includes promotion of commercial and non-commercial products or services which are not directly related to DotNetNuke.
2. Discussion or promotion of DotNetNuke product releases under a different brand name are strictly prohibited.
3. No Flaming or Trolling.
4. No Profanity, Racism, or Prejudice.
5. Site Moderators have the final word on approving/removing a thread or post or comment.
6. English language posting only, please.
 


TechNexxus
Business process and technology sourcing solutions delivering superior people, process and value. We have used, and continue to use, DNN successfully in numerous client projects to deliver exceptional value. We are proud to support the DNN team and community.
www.technexxus.com 		PartnerPoint | Community of Microsoft Partners
PartnerPoint is one of the largest and most active online communities of Microsoft Partners worlwide with over 8,000 members.
www.PartnerPoint.com 		Web Valley
Website design, Database development
www.webvalley.com

DotNetNuke Corporation   Terms Of Use  Privacy Statement
DotNetNuke®, DNN®, and the DotNetNuke logo are trademarks of DotNetNuke Corporation
Hosted by MaximumASP