User Management account access controls for community portal
we need to ensure the administrative/privileged accounts require 1. Private Network and 2. Strong Authentication (Basic auth + MFA) access controls in-place.
I’m not aware of a way to do that. It’ll take a plugin. There’s a geofencing plugin that could be a start. Happy to help with that or you can ask in marketplace.
Wow! I didn’t know there was an admin allow-list! I’d guess it’ll take network addresses so you can give it a whole class C or whatever.
They’d need another admin to update the setting. But I would assume that this would be used when the admin uses a vpn to the company network, so if the address changed, it would mean he was no longer allowed to be an admin.
That is kind of my point. Limiting IP can and will be a potentially hazardous setup if an admin works outside the business world
If such a security measure is needed and there is only one admin and the admin is using an IP that can and will change, then using Varnish or a similar frontend for Discourse is a safer solution (unless the shell gives a backdoor).