0

I am just working on my new maintenance mode function. I would like to be able to see all other pages while everyone else will be seeing a maintenance page. Is there a way I can add my IP so that only my IP can have access to all files?

I would like to be able to somehow put my IP in this hook file.

I have set up the hooks and such.

In my app/hooks file:

    public function __construct() {
        log_message('debug','Accessing site_offline hook!');
    }

    public function is_offline() {
        if(file_exists(APPPATH.'config/config.php')) {
            include(APPPATH.'config/config.php');

            if(isset($config['is_offline']) && $config['is_offline']===TRUE) {
                $this->show_site_offline();
                exit;
            }
        }
    }

    private function show_site_offline() {
        $this->load->view('common/header');
        $this->load->view('common/maintenance');
        $this->load->view('common/footer');
    }
}
NorthBridge
  • 639
  • 8
  • 20

1 Answers1

0

If maintenance mode is active, then you could perform the following check, which will determine if the user is attempting to view the site from the allowed IP address.

$allowed_ip = '192.168.1.1'; // Whatever your IP address is

if ($_SERVER['REMOTE_ADDR'] == $allowed_ip)
{
   // Load the site
}
else
{
    // Load the maintenance page
}

It is possible to spoof the IP address, although in practice this is difficult; this is a fairly safe approach. Another approach would be to authenticate yourself, set up a session and if this session exists, load the appropriate view(s).

It may be worth looking at CodeIgniter's Config Class documentation, the best practice is to load config items like this:

$this->config->item('is_offline');

Rather than:

$config['is_offline']
Community
  • 1
  • 1
jleft
  • 3,457
  • 1
  • 23
  • 35
  • I have config files set up from this website here got info https://github.com/EllisLab/CodeIgniter/wiki/I-want-to-take-my-site-offline-for-maintenance---rogierb –  Apr 08 '14 at 12:16
  • what would you recommend instead of ip. –  Apr 08 '14 at 12:18
  • That setup is using the _pre system_ hook, so it is called before the config class is loaded by CodeIgniter, hence why it is using an include to gain access to the config file and using the array directly, rather than the function I posted above. – jleft Apr 08 '14 at 12:22
  • If your application isn't of a security critical nature (banking etc.) and there aren't any threats on your local network, then I'd use the IP approach. You could always combine this approach with another, such as user authentication to improve security. – jleft Apr 08 '14 at 12:25