View Issue Details

IDProjectCategoryView StatusLast Update
0017956phpList 3 applicationInterface - Administratorpublic30-11-15 22:54
Reportermichiel 
PrioritynormalSeverityminorReproducibilityhave not tried
Status newResolutionopen 
Product Version3.2.3 
Target Versionnext minorFixed in Version 
Summary0017956: restrict admin logins to one IP
DescriptionIt should be safer to restrict a login to one IP. In general one admin should be on one IP.

This is different from CHECK_SESSIONIP in that it should check it cross-sessions, which means it needs a DB table to store the data in.

This same table could then be used to avoid multiple admins editing a single campaign and overwriting each others data, similar to how WP does that.
TagsNo tags attached.

Activities

duncanc

30-11-15 22:39

developer   ~0057362

It's not clear what this might mean.
Do you mean admin "michiel" can login only from a fixed IP address?
Or does it mean that only one admin called "michiel" can be logged-in at one time?

michiel

30-11-15 22:54

manager   ~0057364

yes, I mean only one admin called "michiel" can be logged-in at a time.

I'm happy to take comments and suggestions. I know loads of people tend to share logins, in which case it may be awkward. I guess for download, I can allow switching it off. For the service, it's better if it can be enforced.