Authentication by IP

Authentication ::: auth_ip
Maintained by Jordi Pujol-Ahulló, Robert Marsal, Daniel Tome Fernandez, Cristian Martinez
This authentication plugin helps to manage manual accounts being accessed only by the list of restricted IPs.
Latest release:
106 sites
119 downloads
20 fans
Current versions available: 2
Download

Authentication plugin restricted by IP

This authentication plugin helps to manage manual accounts being accessed only by the list of restricted IPs.

New feature: Version 1.3 has a new feature to take the IP behing load balancers and proxies.

Installation

Install it as usual:

  • Download it (via zip or git) into MOODLE/auth/ip
  • Log in into Moodle
  • Go to "Notifications"
  • Set up the list of IPs enabled to access to your Moodle.
  • Save changes.
  • Go to Administration->Plugins->Authentication->Manage plugins
  • Enable plugin "Authentication by IP".

Usage

Setting this authentication type to a user:

  • Go to a user profile.
  • Set the authentication type "Authentication by IP"

Updating the list of restricted IPs:

  • Go to Administration->Plugins->Authentication->Manage plugins
  • Update the list of IPs

NOTE: After updating the list of IPs, an email will be sent to the administrator email, just for security.

License

It is released as GPL v3.

Authors:

Copyright 2013 onwards Servei de Recursos Educatius (http://www.sre.urv.cat)

Useful links

More documentation on this plugin
Website URL
Source control URL
Bug tracker

Screenshots

Screenshot #0
Screenshot #1
Screenshot #2
Screenshot #3
Screenshot #4
Screenshot #5
Screenshot #6
Screenshot #7
Screenshot #8
Screenshot #9

Contributors

Jordi Pujol-Ahulló (Lead maintainer)
View other contributions
Robert Marsal
View other contributions
Daniel Tome Fernandez
View other contributions
Cristian Martinez
View other contributions
Please login to view contributors details and/or to contact them

Awards

Automated testing support
Automated testing support
Early bird 3.2
Early bird 3.2
Privacy friendly
Privacy friendly
Early bird 4.2
Early bird 4.2

Comments RSS

Show comments
  • Leslie Foster
    Leslie Foster
    Thu, 28 July 2016, 5:24 PM
    I have a question if I may?

    If I want to have it such that users can login using a password, but only if they are on a certain IP address, then this plugin can do that? i.e. the password authentication and the IP authentication can be stacked?

    Thanks

    Les
  • Sandro Franco
    Sandro Franco
    Tue, 31 Jan 2017, 1:34 AM
    When I use it it blocks access for the user, even from the ips in the allowed list
  • Jordi Pujol-Ahulló
    Jordi Pujol-Ahulló
    Tue, 31 Jan 2017, 2:52 PM
    Hi Rafael!

    Check the Moodle logs and extract the IP your user is logging in. It can be something related to the infrastructure that (internal IP, NATs) that prevent arriving the IP you are expecting into Moodle. It the IP is one of you are defining in the plugin settings (or in the IP range), please, come back again with more detail, so that we can manage to see what is happening.

    It would be better if you report it into the github.

    Jordi
  • Jordi Pujol-Ahulló
    Jordi Pujol-Ahulló
    Tue, 31 Jan 2017, 2:53 PM
    Hi Leslie,

    Actually, this plugin is just for what you are asking for: it's like a manual authentication including the restriction of logging in from a given IP or IP range.

    Sorry for the late answer,

    Jordi
  • Sandro Franco
    Sandro Franco
    Wed, 8 Feb 2017, 4:18 AM
    This is from my last conversation with Jordi:

    What I can check from our plugin at https://github.com/SREd-URV/moodle-auth_ip/blob/master/auth.php is that if you state fixed IPs (not ranges), the only problem that may arise is that the REMOTE_ADDR processed in the server side does not match, somehow, to the expected IPs. Could you login as admin from one of those IPs and check the PHP information from the server, and report here the line related to the REMOTE_ADDR. Please, add the confirmation that the shown IP is the corresponding, expected IP.
  • Sandro Franco
    Sandro Franco
    Wed, 8 Feb 2017, 4:21 AM
    after login as admin from the specified IP and checking the PHP info the REMOTE_ADDR is different from the IP address I listed as allowed. Does this mean that I need to express the IP address as a range instead of a fixed IP?
  • Jordi Pujol-Ahulló
    Jordi Pujol-Ahulló
    Thu, 9 Feb 2017, 3:16 AM
    Thanks Rafael for reporting this issue and also a PR in the github repository. It is already on the master branch and available to the community.
  • Jordi Pujol-Ahulló
    Jordi Pujol-Ahulló
    Thu, 9 Feb 2017, 3:25 AM
    Thanks to Rafael, we have available the version 1.3 with that new feature.
  • Dagwin Roelants
    Dagwin Roelants
    Mon, 13 Feb 2017, 10:38 PM
    Hi,
    I'm looking for a plugin that allows guest access if coming from a certain IP and blocks all other guests.
    Is this possible with this plugin?
  • Jordi Pujol-Ahulló
    Jordi Pujol-Ahulló
    Mon, 13 Feb 2017, 11:25 PM
    Hi!

    This plugin inherits the behaviour of a "manual" auth plugin, and adding a restriction of the list of allowed IPs.

    Consider that "guest" access is something related to the enrolment of a user into a cours (enrol/guest). It is not related to the authentication access. I do not know if there is any other enrolment plugin restricting IP access. I can suggest you to ask it into the tracker as an additional feature form the enrol/guest plugin. Another option is to implement your own enrolment plugin (enrol/ip?) inheriting all from enrol/guest and adding the restriction for the allowed IPs.

    There may be another option: set up a course with a guest access, and then restrict all elements be accessible to a given value on a user profile item. I didn't make it so take it as a suggestion.

    Regards,

    Jordi
  • Kat Luck
    Kat Luck
    Wed, 20 June 2018, 10:58 AM
    We started using this plugin however have subsequently found that when users are created with this auth method and we select "Generate password and notify user" they don't receive the email. This is happening when creating users both singularly or via the bulk upload. Has anyone else experienced this and do you have a workaroud?
  • c w
    c w
    Sun, 6 Jan 2019, 3:27 PM
    Hi, I have installed the plugin but the option of Authentication by IP is not reflecting in authentication. Plz guide...regards Chetan
  • Michael E
    Michael E
    Tue, 14 May 2019, 2:19 AM
    Hello. Is it possible to add LDAP accounts to this plugin? We would like to restrict LDAP login of certain accounts to the internal network only. Thanks!
  • Nbiz Infosol
    Nbiz Infosol
    Tue, 7 June 2022, 8:38 PM
    Thanks to the contributors, jordi, Robert,daniel and cristian. However i am unable add subnet feature which i see was enabled. but i cannot add for eg., 10.1.1.0 -255.0.0.0 to allow certain users to access anywhere from local network. but i dont want to give specific iP address. there is no help on how to add it in the list. Also there is only one list . does that mean all users will go through the same list. how do you provide individual ip addresses or range for individual user? hope my questions are clear
  • Jordi Pujol-Ahulló
    Jordi Pujol-Ahulló
    Fri, 19 Apr 2024, 5:12 PM
    Hi Judit,

    This plugin is minimally updated. We added full support for IPv4 adresses and network adressing (CIDR notation). I suppose that full suport for IPv6 notations is not currently implemented. I have not checked it, but from your comment, I understant it does not.

    I suggest you to rise an issue on the github repo, and, even better, provide a patch for supporting it.

    Thanks,

    Jordi
1 2
Please login to post comments