[LON-CAPA-users] Restricting Resources By IP Address

Mills, Douglas G dmills at illinois.edu
Tue Feb 5 15:13:48 EST 2019


Here is what I'm finding. I'm using the IP address of my own computer for testing. At the course level I set !130.126.123.12 for the parameter "Client IP/Name Access Control [Part: 0]"  Then in a folder I choose to represent the exam to be taken in the testing center, I enter 130.126.123.12 for the same parameter at the folder level.

What I find is that with the course coordinator role I continue to see everything. That's no problem but means you have to switch to student role to test the results. As a student on my computer with that IP address, it works as I had hoped: I can access the content of the "exam" folder but everything else in the course shows up as "Not open to be viewed from this location" (note that if "Hide Closed Discussion" is not set to "yes" the discussions attached to problems continue to be visible even though the problems are not).

HOWEVER, when I go to a different computer -- emulating a computer outside of the testing center, NOTHING in the course is accessible. EVERYTHING in the course, the "exam" folder along with everything else, says that it is not open to be viewed from this location.

My theory then is that using the ! operator in front of the IP address either requires a syntax I'm not using (I've tried direction in front of the IP, with a space between ! and IP, and with ! followed by IP wrapped in parens...) or is simply not understood. Thus although it appears to work correctly on my computer because the exam is to be accessed only from my IP and nothing else is to be accessed, from any other IP address Lon-Capa is treating the !IP entry as an IP address to be matched and since nothing matches that, nothing is available...

Is that what's going on or is there yet some way to "blacklist" IPs we don’t want the content accessed from?

 Thank you!

Doug

 

Douglas Mills

Director of Instructional Technology

Department of Chemistry

University of Illinois


 

On 2/5/19, 11:35 AM, "LON-CAPA-users on behalf of Mills, Douglas G" <lon-capa-users-bounces at mail.lon-capa.org on behalf of dmills at illinois.edu> wrote:

    To clarify a bit further,  we are looking at presenting exams in a testing center. The testing center eliminates access to other IP addresses, so our interest is indeed eliminating access to other course materials  from the IP address of the student’s computer.  We do use the technique Stuart has outlined in many of our exams, locking out access to other parts of the course via the start timer. The concern in this case is that one thing the testing center would not manage well is the possibility that a student could log into the course and open additional course resources in other tabs before starting the exam timer. The testing center accommodates exams from multiple courses at one time and Lon-Capa will be a new means of delivery for them, so this possibility will not likely be monitored well.
    
    That said, if putting ! in front of a range of IPs in a slot works then my thought is to essentially put the whole course into a slot which excludes access to the course from the testing center range of IPs and then override that at the folder level for the exams themselves with a slot that only allows access from the testing center IP range. Does that sound feasible?
    
    Doug
    
    -sent from mobile-
    
    > On Feb 5, 2019, at 11:05 AM, Bynum, Lee Hamilton <leebynum at illinois.edu> wrote:
    > 
    > It isn't a perfect match, but it's definitely a step in the right direction.  Thanks Stuart!
    > 
    >> -----Original Message-----
    >> From: LON-CAPA-users <lon-capa-users-bounces at mail.lon-capa.org> On
    >> Behalf Of lira at egr.msu.edu
    >> Sent: Tuesday, February 5, 2019 10:55 AM
    >> To: 'Discussion list for LON-CAPA users' <lon-capa-users at mail.lon-capa.org>
    >> Subject: Re: [LON-CAPA-users] Restricting Resources By IP Address
    >> 
    >> Slots block the IP address student where the student can log in, not the IP
    >> ranges that they access AFTER they are logged in. Just precede the IP address
    >> range with !. However, that does not do what you are seeking, which is to
    >> block browser access to certain IP ranges AFTER they are logged in.
    >> 
    >> From: LON-CAPA-users [mailto:lon-capa-users-bounces at mail.lon-capa.org]
    >> On Behalf Of Bynum, Lee Hamilton
    >> Sent: Tuesday, February 05, 2019 11:31 AM
    >> To: lon-capa-users at mail.lon-capa.org
    >> Subject: [LON-CAPA-users] Restricting Resources By IP Address
    >> 
    >> Hello Everyone,
    >> 
    >> We've been working with Lon-Capa's ability to grant access to a resource by
    >> IP address in order to allow an exam to only be accessed when a student is in
    >> an exam room.  This can be done with slots and resources parameters.
    >> However, we would also like to deny access to resources (or courses)  by IP
    >> address.  That way when a student is in the exam room they have access to
    >> the exam but do not have access to the rest of the course.
    >> 
    >> Does anyone know if there is a way to blacklist IP addresses for Lon-Capa
    >> resources or slots?
    >> 
    >> Lee
    >> 
    >> _______________________________________________
    >> LON-CAPA-users mailing list
    >> LON-CAPA-users at mail.lon-capa.org
    >> http://mail.lon-capa.org/mailman/listinfo/lon-capa-users
    > _______________________________________________
    > LON-CAPA-users mailing list
    > LON-CAPA-users at mail.lon-capa.org
    > http://mail.lon-capa.org/mailman/listinfo/lon-capa-users
    _______________________________________________
    LON-CAPA-users mailing list
    LON-CAPA-users at mail.lon-capa.org
    http://mail.lon-capa.org/mailman/listinfo/lon-capa-users
    



More information about the LON-CAPA-users mailing list