keat Posted February 11, 2016 Share Posted February 11, 2016 I have dynamic IP's at home. Is there a way to add a trusted subnet in Security suite. ie something like xxx.xxx.xxx.0/255.255.255.0 Quote Link to comment Share on other sites More sharing options...
bsmither Posted February 11, 2016 Share Posted February 11, 2016 We can try to change the comparison of the current IP against any of the trusted IP addresses to a comparison of the current IP is within any of the trusted CIDR-notatations, as explained here: http://php.net/manual/en/ref.network.php#74656 Your CIDR notation as compared to your mask above, would be: 123.456.789.000/24 Try this: In the module's ccss.class.php, near line 60 (this is version 1.0.0), find: if((string)$this->_current_ip == (string)$value['ip_address']) { Change to: if($this->_ipCIDRCheck((string)$this->_current_ip, (string)$value['ip_address'])) { // if((string)$this->_current_ip == (string)$value['ip_address']) { There are variants of the above statement at lines 28 and 44. At the bottom of the file, find: return false; } } ?> Change to: return false; } private function _ipCIDRCheck ($IP, $CIDR) { list ($net, $mask) = split ("/", $CIDR); // $mask is empty if not in CIDR notation $ip_net = ip2long ($net); $mask = (!empty($mask)) ? $mask : 32; // force CIDR /32 if empty $mask $ip_mask = ~((1 << (32 - $mask)) - 1); $ip_ip = ip2long ($IP); $ip_ip_net = $ip_ip & $ip_mask; return ($ip_ip_net == $ip_net); } } ?> Of course, keep a backup copy of this file in case the function does not work as planned. Quote Link to comment Share on other sites More sharing options...
keat Posted February 12, 2016 Author Share Posted February 12, 2016 Will take a peek at the weekend and come back to you. Thanks Quote Link to comment Share on other sites More sharing options...
keat Posted February 14, 2016 Author Share Posted February 14, 2016 I spent 20 minutes looking for the file on my PC only to realise it's a plugin and was installed with the key method. I added the code and then added my IP with a /16. It seems to have accepted it, and doesn't complain that my IP is not in the list, so maybe time will tell, when my IP changes. It might be worth recommending this as a product improvement. ?? I did post the completed file, but considering it's related to site security i thought otherwise and removed it. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.