For added security, it would be useful to be able to only allow particular users to login from white listed IP addresses.
- "Restrict login to Piwik only from these IP addresses" would be a global setting that would restrict all logins to a particular IP address.
- "Restrict a particular username to login from these IP addresses" would be a setting, per user, optional, that would restrict login by this username.
- UI: maybe we could extend the 'User Settings' mechanism , to also let Super User edit settings for other users.
- When a user goes to the login form, or tries to login, and the IP is not whitelisted, display a message "Access to this Piwik server is restricted. Please contact the admin to ask them to white list your IP address. more"
- Learn more link goes to a FAQ on Piwik.org, explaining the WhiteList feature, and also explaining "How do I disable IP whitelisting?"
- This would help a Super User deactivate the IP white listing feature, if he is locked out.
- UI: Ips will accept ranges, similarly to the "Ips to exclude" in the Websites settings.