This patch adds a block for https:// user login and gives the ability to lock user sessions to an IP or/and user agent. I haven't actually tried to spoof anything to make sure it actually works, but the theory is all there for DRUPAL-4-7.

CommentFileSizeAuthor
session_control.security.patch5.04 KBdeekayen

Comments

Bèr Kessels’s picture

Bèr Kessels commented
Status: Needs review » Closed (duplicate)

Moved the patch to http://drupal.org/node/1577