1
script_fu
Trying to understand Protector and dsl ip address's

Im having a problem with protector locking people out of my site. Mostly its due to dsl I think.

The way I understand it is dsl keeps giving new ip address to the client at certain intervals.

Is this correct? How can I fix this problem?

2
Anonymous
Re: Trying to understand Protector and dsl ip address's
  • 2007/7/23 7:05

  • Anonymous

  • Posts: 0

  • Since:


If the ISP is changing IP address then there's a setting in Protector admin for setting which user-groups are allowed IP-moving whilst logged in. You can set "Registered Users" from there.

However, you need to be absolutely certain that this is the case before setting this.

Could it be that your clients have a load of urls in their signatures (more than allowed in Protector) and it is this that's the problem?

3
script_fu
Re: Trying to understand Protector and dsl ip address's

Its the webmasters I am having problems with. So far there are three of us. Two have dsl and are locked out quite a bit.

I have seen ip addresses swing from say 00.00. to 000.000. plus for two different people.

So if I have webmasters that have different ip's based on dsl they can no longer access the site until someone else adds it to protector.

Am I understanding this correct?

4
skenow
Re: Trying to understand Protector and dsl ip address's
  • 2007/7/23 16:06

  • skenow

  • Home away from home

  • Posts: 993

  • Since: 2004/11/17


Protector provides you with a couple of different places to specify how to handle moving IP addresses -

From the Protector document in XOOPSwiki

In the preferences -
Reliable IPs:
Quote:
^ matches the head of string, $ matches the tail of string.


Protected IP bits for the session:
Quote:
This is an anti session hijacking measure that limits how far IP bits can move within a session.

Default 32 bit - all bits are protected (IP cannot change).

If you have a dynamic IP that moves within a known range, you can set the number of protected bits to roughly match.

For example, if your IP can move in the range of 192.168.0.0 to 192.168.0.255, set 24 bit here. If a cracker knew your session IP but tried to access from outside this range (say 192.168.2.50) they would fail.

The author of the module suggests 16 bit as a balanced value for general use.


Groups not allowed to move their IP in a session:
Quote:
Anti session hijacking measure. Selected groups are not permitted to change their IP in a session. The default is ‘webmasters’ and it is recommended to leave it that way as the consequences of an administrator’s session getting hijacked could be quite severe.


In the Protect Center -
Allowed IPs for Group=1:
If this is blank, IP addresses are not checked for webmasters and only the other rules will be applied to the IP address

Quote:
Enter allowed IPs for group 1 (webmasters) in this box, each on a separate line. You can allow ranges of IPs, for example entering 192.168. will allow 192.168.*

Login

Who's Online

275 user(s) are online (207 user(s) are browsing Support Forums)


Members: 0


Guests: 275


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Nov 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits