Using IP address
Hello there. I am currently developing an administration panel for my new website, BlogHead. I don't really want to deal with a login system or anything because I will be the only person using it (at the moment, that could change in the future). At the moment, instead of a password, I am using PHP and setting an IF statement to say that if the IP address is a certain number, display the page, and if it's not, display an access denied message.
Is it dangerous to do it like this? Unless someone was able to get in to my PHP file (which they would really have to dig to find) I can't see how they would view the data within. I'm just wondering. The website isn't currently open so it's not really at risk at the moment but I'd like to know before hand.
Thanks.
Kurtis
Greg K posted this at 06:32 — 9th July 2006.
He has: 2,145 posts
Joined: Nov 2003
Well, first thing is frist, do you have a static IP address?
-Greg
Renegade posted this at 07:15 — 9th July 2006.
He has: 3,022 posts
Joined: Oct 2002
What happens if you want to administrate at a friend's place or away from home?
kazimmerman posted this at 11:27 — 9th July 2006.
He has: 698 posts
Joined: Jul 2005
Greg K: Yes, it is a static IP address.
Renegade: I guess that could be a situation where it wouldn't be the best situation, but if that scenario comes up, I guess I can figure something else out....but mainly the work would be done from my main computer here.
Kurtis
waffles posted this at 17:51 — 9th July 2006.
They have: 54 posts
Joined: Jun 2006
As long as you don't tell anyone about it you should be fine. But only because no one will know where that page is. If you want to edit somewhere else you could always just take that if statement out for a while.
I don't see how anyone would be able to change your file unless they were able to upload to your server. And even then, you should have a backup on your computer so it wouldn't be hard at all to change it back.
waffles Radio Coming to a set of speakers near you September 2006
CptAwesome posted this at 22:44 — 9th July 2006.
He has: 370 posts
Joined: Dec 2004
Wouldn't it be far simpler to just set up a simple session login?
if($_GET[secret_code] == 'somethingsecret'){
$_SESSION[verified] = true;
}
if($_SESSION[verified] == true){
// show stuff
}else{
// don't show stuff
}
then to grant yourself the session all you have to do is go to mypage.php?secret_code=somethingsecret and then you can browse as normal from there.
kazimmerman posted this at 22:55 — 9th July 2006.
He has: 698 posts
Joined: Jul 2005
I actually did end up changing it making the file password-protected through the use of my .htaccess file.
Want to join the discussion? Create an account or log in if you already have one. Joining is fast, free and painless! We’ll even whisk you back here when you’ve finished.