Block access to a URL or system folder path

Question

Block access to a URL or system folder path

Navigation

#1 by (1 votes)

3

Hi, I'm trying to block administrative access from my site and release it for only a few ips. I can do this using the .htacess well quiet but the problem is that I have the adminstrative module and the module frontend and .htaccess of the web folder blocks the whole system and not only the administrative one. I wanted to know how to make it block access through the url or the admin folder. I tried to use .htaccess and .htpasswd in the login folder but did not scroll.

Has anyone had this idea yet?

php apache symfony

asked by anonymous 21.12.2015 / 12:10

1 answer

Is there a paid localhost server? [closed] Image loses effect of CamanJS when manipulating canvas

score 1 · Answer 1

With the access_control directive of the Symfony security configuration, it is quite easy to do this.

Here are some examples from the symfony website itself:

Symfony

security:
    # ...
    access_control:
        - { path: ^/admin, roles: ROLE_USER_IP, ip: 127.0.0.1 }
        - { path: ^/admin, roles: ROLE_USER_HOST, host: symfony\.com$ }
        - { path: ^/admin, roles: ROLE_USER_METHOD, methods: [POST, PUT] }
        - { path: ^/admin, roles: ROLE_USER }

In each of the access_control directive entries you can enter four settings:

path (which defines by which path the administrative part is accessible)
ip or ips (which defines which IPs have access to the administrative part)
host (which defines through which host the administrative part is accessible)
methods (which defines the allowed methods in the administrative part)

You can also put an expression through the allow_if directive (for example, allow_if: "'127.0.0.1' == request.getClientIp() or has_role('ROLE_ADMIN')" ) and even force access to the administrative section to be done through HTTPS (using requires_channel: https ).