<html><head><meta http-equiv="Content-Type" content="text/html charset=us-ascii"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><br class=""><div><blockquote type="cite" class=""><div class="">On Oct 14, 2015, at 08:11, Keith Larson <<a href="mailto:klarson@k12group.net" class="">klarson@k12group.net</a>> wrote:</div><br class="Apple-interchange-newline"><div class="">
<meta content="IE=edge" http-equiv="X-UA-Compatible" class="">
<meta name="Generator" content="Novell Groupwise Client (Version 14.0.0 Build: 115243)" class="">
<meta content="text/html; charset=utf-8" http-equiv="Content-Type" class="">
<div style="font: 10pt/normal Segoe UI; margin: 16px 16px 4px; font-size-adjust: none; font-stretch: normal;" class=""><div id="GroupWiseSection_1444827994000_klarson@k12group.net_59511A0513870000BD1BF681F57056B0_" class="GroupWiseMessageBody"><div class="">is it possible to present a different instance of a page based on the source ip address? ie. two customers A and B. i want customer A to see a different version of a webpage than customer B. they have different ip ranges that they would be coming from based on their external nat. i would think that this can be done, but i'm not exactly sure how. i've done named virtual hosts with no problems.</div><div class=""> </div><div class="">i also don't want customer A to be able to see customer B's version or even know that it exists.</div></div></div></div></blockquote><div><br class=""></div><div>This is going to seem harsh, but my suggestion comes from experience. I've begged clients not to go down this road because it inevitably comes back to bite them, and usually me as well.</div><div><blockquote type="cite" class=""><div class="" style="font-size: 10pt; font-family: 'Segoe UI'; margin: 16px 16px 4px;"><div id="GroupWiseSection_1444827994000_klarson@k12group.net_59511A0513870000BD1BF681F57056B0_" class="GroupWiseMessageBody"><div class="">is it possible to present a different instance of a page based on the source ip address?</div></div></div></blockquote></div><div><br class=""></div><div>"Can it be done" is a different question than "should it be done".</div><div><br class=""></div></div>The answers are yes and no, respectively. An IP address, or even a range of addresses, is not a great way to handle authorization. IP addresses - especially source addresses - are subject to change without warning. Chances are the customer that's using your site won't even know about the change. The site will just break for them. Unless you're acting as the customer's ISP, you don't know or control the source address range. In a very simple example along the same lines, what happens when the customer is on the road, and wants to pull up your site from his phone? What will he see?<div class=""><br class=""></div><div class="">There are a couple of alternative approaches, one you've already hit on - named virtual hosts. Give each customer a different site name. It adds administrative overhead (you have to keep a list, and customers have to remember a unique site name), but it's something in your control and does not depend on external information (source address) you don't control.</div><div class=""><br class=""></div><div class="">Another alternative is authentication. If the content of the site is really proprietary to a customer (or might be in the future), you probably want to protect it. You could use the same login page for everyone, and then present them with distinct content after they have been identified/authenticated based on who they are. In the edu space, the site content may now or in the future (depending on what customers put on their site) be subject to FERPA, so setting up authentication now might be a good long-term investment.</div><div class=""><br class=""></div><div class=""><br class=""></div><div class=""><br class=""></div><div class="">-rick</div></body></html>