How to Restrict Access to RecTrac 3.1 by IP Address
Problem
With RecTrac 3.1 being a web-based application, can you restrict access based on where the user is logging in from? If so, how?
Solution
Yes, you can allow/prevent access to RecTrac 3.1 based on where the user is logging in from.
Already in use primarily by RecTrac 3.1 hosted customers, anyone can setup allowances and restrictions in the Application Security profile. This profile lets you define a list of Whitelist and/or Blacklist IP Addresses to determine from where users can and cannot access the application. While you can link this profile at any level, the typical linkage would be at the default level. You can put in IP ranges, wildcards, etc.
If you are hosted and you only have one LAN and the external IP is 71.169.109.100 you would enter that one IP in the Whitelist and nobody would be able to access RecTrac from outside the LAN. If you wanted to make an exception for the Admin user, you could link a different Application Security Profile to that User with blank IPs (thereby allowing them to access regardless of IP), or maybe just the IP of City Hall, or other remote site. Keep in mind that setting a restriction for a particular users home IP address could be difficult to manage because their IP, as seen by the application, is likely to change.
The IP being restricted will be the IP address that RecTrac sees the traffic coming from, so in a hosted situation it will be the External IP of their network, not local IPs of the individual PCs. In a LAN situation, where the servers is on the LAN you could use this to restrict access RecTrac down to specific computers on the LAN using the local IPs assuming traffic is going direct to the server on the LAN.
If a restriction is encountered, users are prompted for an Access Code, as in the second screen shot attached.
See Attachment: Application_Security_whitelist.docx