There are probably several ways to solve this problem.
I have 2 indexes. One is to be open to the public and the other I wish to
restrict to a particular IP range (ours). I am using server side includes
in apache to direct queries from my main search page to the appropriate
vortex script.
However it is fairly trivial to overide this by changing the Url, assuming
you know what to change it to.
How can I protect my private index ?
Also it is possible to specify the db to use on the url by adding
db=dbname, is it possible to disable this, and if so how ? I am using the
standard vortex script supplied with webinator.
The simplest way would be to copy the search script. Have one copy
for public use and one for private. In the private one, check the
value of $REMOTE_ADDR for acceptability in the init function. e.g.
<substr $REMOTE_ADDR 0 11>
<IF $ret neq "198.49.220.">
<H3>Permission Denied</H3>
You do not have permission to access this database.
<exit>
</IF>
In the init function of both copies, set the $db variable unconditionally
to the correct one so that it may not be overridden.
