Locking Down the Control Panel

Last Updated: Dec 09, 2016 09:47AM EST

IP Whitelisting

All computers on the internet can be identified by an IP address. With most web hosting it is possible to block or allow specific IP addresses. That means you can allow (or whitelist) specific computers to access the Control Panel. Note that this works best if your IP address is static or doesn't change often. If your IP changes frequently, then you may need to white list your region. Whitelisting an entire region isn't perfect, but it can still be an effective strategy. First, ask your Internet Service Provider (ISP) if your IP is static. If it's not static, then ask your ISP if they have a specific range of IP Addresses for your region.

You can find your current IP address by visiting the following URL:
https://www.google.com/search?q=what+is+my+ip

The Google Search will results will show something like this:
Ip Security

Whitelist using an ".htaccess" file.

Not all Windows Web Hosting supports .htaccess so check with your hosting provider. If you are hosting with ProductCart Live or NetSource, then this is our recommended method.

To enable IP Whitelisting simply create a file with the name .htaccess and place it within your control panel directory. The default folder is "pcadmin", but if you followed our general security recommendations the folder name likely changed.

Next, add the following code to the file and upload it to your server. Be sure to replace "172.98.78.42" with your own IP address and add as many IP addresses you want to white list.

Order Deny,Allow
Deny from all
Allow from 172.98.78.42


If your IP address is dynamic and changes often, then you can allow an entire range.

For example, the follow snippet of code allows all IP Addresses that begin with 172.98.78:
Order Deny,Allow
Deny from all
Allow from 172.98.78


It is also possible to allow the ranges for specific regions.  You can either contact your Internet Service Provider to obtain their IP ranges, or allow an entire country.  The following web site provides IP ranges for specific countries. Simply follow the instructions on this web site to generate the code and paste it into your .htacess file.
 

Whitelist using an "web.config" file.

All Windows Web Hosting supports the web.config file, but check with your hosting provider to make sure IP security is enabled. If you are hosting with ProductCart Live or NetSource, then use the .htacess method above.

To enable IP Whitelisting simply create a file with the name web.config and place it within your control panel directory. The default folder is "pcadmin", but if you followed our general security recommendations the folder name likely changed.

Next, add the following code to the file and upload it to your server. Be sure to replace "172.98.78.42" with your own IP address and add as many IP addresses you want to white list.

<security>
    <ipsecurity allowunlisted="false">
        <clear />
        <add ipaddress="172.98.78.42" />
    </ipsecurity>
</security>


If your IP address is dynamic and changes often, then you can allow an entire range.

For example, this blocks the network 172.98.78.0 to 172.98.78.255:
<security>
    <ipsecurity allowunlisted="false">
        <clear />
        <add ipaddress="172.98.78.0" subnetMask="255.255.255.0" />
    </ipsecurity>
</security>


It is also possible to allow the ranges for specific regions.  You can either contact your Internet Service Provider to obtain their IP ranges, or allow an entire country.  The following web site provides IP ranges for specific countries. Simply follow the instructions on this web site to generate the code and paste it into your web.config file.

647e99095133bd6d1ae916f97dc7f92f@productcart.desk-mail.com
https://cdn.desk.com/
false
desk
Loading
seconds ago
a minute ago
minutes ago
an hour ago
hours ago
a day ago
days ago
about
false
Invalid characters found
/customer/en/portal/articles/autocomplete