Symfony2：app_dev.php只允許訪問IP？

Question

在我的Symfony2項目中，我希望只能通過我的IP地址訪問app_dev.php。就像在config.php我可以設置一個IP數組，因此這個文件不能被所有人訪問。 這也可能爲app_dev.php？

Answer 1

在app_dev.php你會發現下面的代碼

if (isset($_SERVER['HTTP_CLIENT_IP']) 
    || isset($_SERVER['HTTP_X_FORWARDED_FOR']) 
    || !in_array(@$_SERVER['REMOTE_ADDR'], array('127.0.0.1', 'fe80::1', '::1')) 
) { 
    header('HTTP/1.0 403 Forbidden'); 
    exit('You are not allowed to access this file. Check '.basename(__FILE__).' for more information.'); 
} 

您可以設置IP地址，從中你想在這裏訪問。

if (!in_array(@$_SERVER['REMOTE_ADDR'], array('Your IP address', '127.0.0.1', 'fe80::1', '::1')) 
) { 
    header('HTTP/1.0 403 Forbidden'); 
    exit('You are not allowed to access this file. Check '.basename(__FILE__).' for more information.'); 
} 

Answer 2

set in virtual host 

/var/apache2/sites-avable 

<VirtualHost *:80> 
    ServerName domain.com/main 
    ServerAlias www.domain.com/main 
    DocumentRoot /var/www/domain/main/web 
    DirectoryIndex app_dev.php 
</VirtualHost> 

switch 

<VirtualHost 127.0.0.1:80> 
    ServerName domain.com/main 
    ServerAlias www.domain.com/main 
    DocumentRoot /var/www/domain/main/web 
    DirectoryIndex app_dev.php 
</VirtualHost> 

Answer 3

這是@ chanchal118的答案稍有不同。 我們的網站位於負載均衡器之後，因此IP的工作方式稍有不同。 希望對有相似設置的人有所幫助。

如果IP被欺騙，我也有興趣聽到關於安全問題的任何想法。

//todo this may be a security concern if someone managed to spoof their IP as one of these 
$allowedIPs = array('127.0.0.1', 'fe80::1', '::1', 'my.organisation.ip.address'); 

//allow app_dev.php only under these conditions (prevent for production environment) uses HTTP_X_FORWARDED_FOR because behind load balancer 
if (
    isset($_SERVER['HTTP_X_FORWARDED_FOR']) && 
    (! in_array(@$_SERVER['HTTP_X_FORWARDED_FOR'], $allowedIPs)) 
){ 
    header('HTTP/1.0 403 Forbidden'); 
    exit('You are not allowed to access the development environment.'); 
}