Overview
It is possible to restrict access to a certain document or folder based on the IP range of the users opening it.
This means we can achieve certain documents only being accessible when on a known network, e.g. an office, but block access when the same document is attempted to be opened from a different location outside of the desired IPs.
Please note: Application administrators of the Documents application will always be able to see all files and folders from the admin side, regardless of the IP they are accessing from.
How to enable:
Security Level is disabled by default, so if you want to try this out, please raise a support ticket requesting this, and we will enable it for your site.
Once this is enabled, it will display as 'ON' in Admin > Documents:
Set up once enabled:
An application administrator of People can navigate to Admin > People > Configure IP ranges
Here, they can enter the desired IP ranges and choose the security level of documents that they can access.
Review & update your files and folders in the Documents application:
The Security level can be set for a folder or file by editing its permissions, changing the field for this and saving:
If permissions are set to inherit, the security level will be inherited.
The security level can only be changed at sub-levels if permissions are not set to inherit.
Once the security level has been set, users who are not in the IP range to view that content will not see the folder/file listed in Documents on the front end or in any documents page components that are set to display them.
Test
Once the security levels have been set across your folders and files, and the IP configuration area has the desired ranges entered against each level, you are ready to test.
Have a use access from certain IPs to check what they can/can't access is in line with the configuration you have created.
