Setting up an Access List

Introduction

To increase the security level in the TGP Rotator control panel, versions 3.6.1 and newer have implemented an access list feature. This feature allows you to specify a list of "safe" IP addresses which will be allowed to access all functions of the control panel. Anyone who connects to your control panel from an IP address other than those in the list will not be able to access those functions. By default the access list feature is disabled, but it is highly recommended that all users utilize this feature for increased security.

Enabling the Access List Feature

To enable this feature you need to create a plain text file named access_list with one IP address per line. Each IP address that is listed in this file will be able to access all functions of the software control panel. You should keep this list as small as possible so that only the absolutely necessary IP addresses are listed. Here is an example of how your IP address list might look:

193.194.69.66
200.126.159.2
201.235.88.*
130.194.64.162

Once you have your access list created and saved in a file named access_list, upload that file to the data directory of your TGP Rotator installation. It should be uploaded in ASCII mode and have it's permissions set to 644. Having this file in your data directory will immediately enable the access list feature.

Wildcards

It is possible to use the * character within your IP address list to indicate a wildcard character. As you may have noticed, the example above includes a wildcard in the third IP address in the list. That * character means any number can appear in that position, which would give access to anyone coming from an IP address in the 201.235.88.0 through 201.235.88.255 range. You can use multiple wildcards, but this is not recommended since it will open up a large range of IP addresses.

Restricted Functions

When you have the access list feature enabled, this will affect several of the control panel functions. Each of those functions are listed below. If you try to access any of these functions in the control panel when you are not accessing it from an IP address in the access list, you will be presented with an error message and will not be allowed to run that function. You will need to add your IP address to the access list before you will be able to run these functions.