AdminIPFilter

Description:

The Admin IP Filter module restricts access to the administration panel by IP address. It is very powerful, yet easy to install and configure.

Configuration:

You can restrict access to the admin using:

• a global whitelist of IP's.
• a per-user list of IP addresses.

Global IP Whitelist:

• Go to System / Configuration / Admin / Security
• Edit the field ‘IP Whitelist’. Multiple IPs should be separated by commas (,). You can also use IP Ranges (e.g., to filter dynamically-assigned IPs).
• If you’re configuring this module on a local site (e.g., in you development environment) you can also enable "Allow form Localhost". This will allow you to login to the Admin always as long as you’re doing it from 127.0.0.1

Per-User Configuration

To assign allowed IP addresses to your users:

• Go to System > Permissions > Users
• Edit the desired user.
• Find a field near the bottom where you can enter a comma-separeted list of IP addresses from which that user can connect to the Admin.

NOTE: This module will activate automatically Magento's default option "Remote Address Validation". This is activated to prevent users from opening their session on a approved IP and then using the same session to login through another (not approved) IP. This could happen for example if the user logged from your office with his laptop and then went home and attempted to log in again (i.e. having Remove Address Validation enabled will prevent him