Home Contact Buy Now
Home Download Video Free Buy Now Site Map Contact

How to Restrict Access by IP

Note: since version 1.17.83.4205, Time Tracker has its own built in mechanism to control access by IP on group level with an override capability for some users. Check this for more info. Information below is old documentation for those who want to restrict access on web directory level.

Some system administrators want to restrict access to Time Tracker to only a certain range of IP addresses. For example, it might be useful when you want employees to access the system only from company computers.

You can do it by editing the .htaccess file located in the root of your installation. However, for this file to work, your web server must first allow it. In case of Apache, this is done via AllowOverride All on the directory level.

The restriction procedure is a 2-step process:
  • Make sure that the web server allows usage of .htaccess file in your install directory.
  • Edit the file accordingly by uncommenting 3 lines in it and providing a specific IP address or a range.

Allow Using .htaccess File

Assuming Time Tracker is installed on Ubuntu in /var/www/html/timetracker. Edit web server configuration file (apache2.conf) and make sure it has the following:
<Directory /var/www/html/timetracker>
    AllowOverride All
</Directory>

Restart web server for the change to take effect:
sudo service apache2 restart

Restricting Access by IP

The .htaccess file in Time Tracker comes with a few examples, that are commented out and do not apply.
# Restrict access to Time Tracker only from certain IPs.
#
# See https://www.anuko.com/time_tracker/faq/restrict_access_by_ip.htm for  help.
# For this to work make sure AllowOverride is set to All in web server config file.
# Uncomment 3 lines below and set your IP accordingly.
#
# Order Deny,Allow
# Deny from all
# Allow from 127.0.0.1
#
# An example for an entire subnet 192.168.1.0 - 192.168.1.255.
# Order Deny,Allow
# Deny from all
# Allow from 192.168.1

To restrict access to localhost only:
Order Deny,Allow
Deny from all
Allow from 127.0.0.1


To restrict access to a range of IP addresses from 192.168.1.0 to 192.168.1.255:
Order Deny,Allow
Deny from all
Allow from 192.168.1

There are more examples here.

Time Tracker FAQ