Skip to content
/ django-adminrestrict Public
forked from robromano/django-adminrestrict

Block access to Django admin pages except for allowed IP addresses

License

MIT license
0 stars 16 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

nmerket/django-adminrestrict

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits

adminrestrict

adminrestrict

 
 

.gitignore

.gitignore

 
 

.travis.yml

.travis.yml

 
 

LICENSE

LICENSE

 
 

MANIFEST.in

MANIFEST.in

 
 

Makefile

Makefile

 
 

README.rst

README.rst

 
 

setup.cfg

setup.cfg

 
 

setup.py

setup.py

 
 

Repository files navigation

Django Admin Restrict

Latest Version Build Status https://pypip.in/license/django-adminrestrict/badge.png

django-adminrestrict enables you to block access to the Django admin pages unless requests come from specific IP addresses.

Requirements

django-adminrestrict requires Django 1.4 or later. The application is intended improve the security around the Django admin login pages.

Installation

Download and install django-adminrestrict using one of the following methods:

pip

You can install the latest stable package running this command:

$ pip install django-adminrestrict

Setuptools

You can install the latest stable package running:

$ easy_install django-adminrestrict

Development

You can contribute to this project forking it from github and sending pull requests.

Configuration

First of all, you must add this project to your list of INSTALLED_APPS in settings.py:

INSTALLED_APPS = (
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.sites',
    ...
    'adminrestrict',
    ...
)

Next, install the FailedLoginMiddleware middleware:

MIDDLEWARE_CLASSES = (
    'django.middleware.common.CommonMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'adminrestrict.middleware.AdminPagesRestrictMiddleware',
)

Run python manage.py syncdb. This creates the appropriate tables in your database that are necessary for operation.

Usage

Using django-adminstrict is extremely simple. Once you install the application and the middleware, all you need to do is update the allowed IP addresses AllowedIP section of the admin pages.

Adding allowed IP addresses

Login to the admin pages and browse to the Adminrestrict app, and start creating recorded in the AllowedIP table. Just type in the IP addresses and save records.

Adding allowed IP addresses with wildcards

Create a AllowedIP entries ending with a "*" to any IPs that start with the specified patterh. For example, adding 192.* would allow addreses starting matching 192.*.*.* to login to the admin pages.

Adding * to disable all restrictions

Create a single AllowedIP record with "*" as the IP address, to temporarily disable restrictions. In this way, you do not have to modify settings.py and remove the middleware if you need to disable.

Having at least one AllowedIP record with * as the IP address effectively disables all restrictions.

About

Block access to Django admin pages except for allowed IP addresses

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Python 98.2%
  • Makefile 1.8%