[SEC] Limit the Admin to a single IPv4

Discussion in 'Archived: Plugin Requests' started by ARasputin, Jan 28, 2012.

  1. Offline

    ARasputin

    Plugin category: Security

    Suggested name: IPRestrict, BindAdmin

    A bit about me: I'm a server administrator who runs an offline-mode server for a small community. We haven't had any problems with security so far as we are very tight-knit but we have been gaining popularity and as such I'd like to implement a behind-the-scenes IP check.

    What I want: A behind-the-scenes authentification system done through the server, preferably with a YAML config file for easy configuration. The way I am imagining this working is ARasputin logs in from 123.45.678.9, the plugin looks at the config.yml file and notices an entry stating that ARasputin is only allowed to log in from 127.0.0.1 and so it issues the command to kick and/or ban the offender.

    Also: The config does not have to be in a YAML format, I am just used to that, it could be plaintext, richtext or whateveryouwanttext, I also don't want this to cause problems with users who have to travel or use a VPN so I'd like it to ignore usernames that are not in the config file.

    Ideas for commands: This plugin really wouldn't need commands as I'd be hand-editing the .yml file personally but an ingame command such as /ipadd <user> <IPv4> would be neat.

    Ideas for permissions: OP only

    When I'd like it by: Preferably soon, but there is no real rush as like I said we have no had a security issue yet.
     
  2. Offline

    flamedaces

    pfffffttt.....try xauth
    or authme
     
  3. Offline

    ARasputin

    I'd rather it work behind the scenes instead of making my users auth themselves all the time


    edit: Updated the OP with the proper formatting and a clearer explanation of what I want
     
  4. Offline

    Wolfy9247

    I got this far: http://pastebin.com/Q3MJZHBE

    I'm far too tired to continue it right now and am not knowledgable with knowing how to add new entries to a list in the config.yml file, it's probably really simple though. That's about all that needs to be done, besides if you wanted to make it complicated and register the commands. If the commands aren't registered I'd suggest taking out the check for it though.

    Anyways, hope this is some help! I'll pick back up on it tomorrow if I have time, and/or if someone else hasn't.
     
  5. Offline

    Liam Allan

    Easy plugin, I can do this. Inbox if you want me too.
     

Share This Page