django-admin-ip-restrictor
Readme
.. image:: https://travis-ci.org/sdonk/django-admin-ip-restrictor.svg?branch=master :target: https://travis-ci.org/sdonk/django-admin-ip-restrictor
.. image:: https://codecov.io/gh/uktrade/django-admin-ip-restrictor/branch/master/graph/badge.svg :target: https://codecov.io/gh/uktrade/django-admin-ip-restrictor
.. image:: https://img.shields.io/pypi/v/django-admin-ip-restrictor.svg :target: https://pypi.python.org/pypi/django-admin-ip-restrictor
.. image:: https://img.shields.io/pypi/pyversions/django-admin-ip-restrictor.svg :target: https://pypi.python.org/pypi/django-admin-ip-restrictor
.. image:: https://img.shields.io/pypi/l/django-admin-ip-restrictor.svg :target: https://pypi.python.org/pypi/django-admin-ip-restrictor
A Django middleware to restrict the access to the Django admin based on incoming IPs
Note that Django 3 has dropped support for Python 3.5
First install the package::
$ pip install django-admin-ip-restrictor
Then add the middleware to your settings::
MIDDLEWARE = [
...
'admin_ip_restrictor.middleware.AdminIPRestrictorMiddleware'
]
Set these variables in your settings.py to control who has access to the admin (IPV4 and IPV6 can be mixed)::
RESTRICT_ADMIN=True
ALLOWED_ADMIN_IPS=['127.0.0.1', '::1']
ALLOWED_ADMIN_IP_RANGES=['127.0.0.0/24', '::/1']
RESTRICTED_APP_NAMES=['admin']
TRUST_PRIVATE_IP=True
Use RESTRICTED_APP_NAMES to restrict the access to more apps. Admin app is always included.
If using environment variables make sure that the variables receive the right type of value.
django-admin-ip-restrictor automatically converts the following formats::
$ export RESTRICT_ADMIN='true'
$ export ALLOWED_ADMIN_IPS='127.0.0.1,::1'
$ export ALLOWED_ADMIN_IP_RANGES='127.0.0.0/24,::/1'
$ export RESTRICTED_APP_NAMES='wagtail_admin,foo'
For RESTRICT_ADMIN also these values can be used: True, 1, false, False, 0
Use TRUST_PRIVATE_IP to skip checking IP addresses from a trusted private network.
Full changelog at https://github.com/sdonk/django-admin-ip-restrictor/blob/master/CHANGELOG.rst
Install tox::
$ pip install tox
Install pyenv, use https://github.com/pyenv/pyenv#installation as reference.
Install Python versions in pyenv::
$ pyenv install 3.5.10
$ pyenv install 3.6.12
$ pyenv install 3.7.9
$ pyenv install 3.8.6
Specify the Python versions you want to test with::
$ pyenv local 3.5.10 3.6.12 3.7.9 3.8.6
Run tests::
$ tox
Fork the project and submit a PR!
FAQs
A Django middleware to restrict incoming IPs to admin panel
We found that django-admin-ip-restrictor demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
This episode of the Risky Biz podcast discusses how the rise of small open source packages and the shift towards individual maintainers makes the ecosystem more vulnerable to supply chain attacks.
Product
Streamline your login process and enhance security by enabling Single Sign-On (SSO) on the Socket platform, now available for all customers on the Enterprise plan, supporting 20+ identity providers.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.