HTTP Middleware to handle IP and path restrictions.
composer require drupal/restrict
cd modules/custom
git clone --branch <release> git@github.com:steveworley/restrict.git
All configuration for this module is managed via a sites settings.php
file.
An array of IP addresses to allow on to the site that may use the following syntax:
- CIDR (107.0.255.128/27)
- Range (121.91.2.5-121-121.91.3.4)
- Wildcard (36.222.120.*)
- Single (9.80.226.4)
$settings['restrict_whitelist'] = [
'107.20.238.9',
'70.102.97.2/30'
];
An array of IP addresses that will be denied access to the site that may use the following syntax:
- CIDR (107.0.255.128/27)
- Range (121.91.2.5-121-121.91.3.4)
- Wildcard (36.222.120.*)
- Single (9.80.226.4)
$settings['restrict_blacklist'] = [
'107.20.238.9',
'70.102.97.2/30'
];
An array of basic auth username => password combinations.
$settings['restrict_basic_auth_credentials'] = [
'Editor' => 'P455w0rd',
'user' => 'password',
]
];
Paths which may not be accessed unless the user is on the IP whitelist. Paths should start with a leading '/'. Path restrictions can have options specified by an associative array.
$settings['restrict_restricted_paths'] = [
'/path',
'/path/to/restricted/resource',
'/path' => [
'auth' => ['username' => 'password'],
],
];
Returns a 404 instead of a 403 when users are denied. This should be set to a value from the RestrictManager
class. Possible values:
RESTRICT_NOT_FOUND
RESTRICT_UNAUTHORISED
RESTRICT_FORBIDDEN
$settings['restrict_response_code'] = 'RESTRICT_NOT_FOUND';
restrict_trusted_proxies
ensures Acquia load balancers and their IPs are added to the trusted proxies list.
$settings['restrict_trusted_proxies'] = [
'127.0.0.1',
];