dear,

Sure,

 i am not checking this at client side i am checking client address at server side and make changes at server side.


On 09-Jun-2019, at 11:13 PM, Mike Jumper <mjumper@apache.org> wrote:

On Sun, Jun 9, 2019, 00:30 Manoj Patil <manoj2patil@gmail.com> wrote:

Dear,

Because of our employee work from Home and the security reason we kept those login ip in Mysql server and next time we only allow from that ip next one is we monitor there working hour also

Login history is already tracked:



hence we make come changes in .JS file

If login history weren't tracked, JavaScript would not be the place to add such tracking. Relying on the client side to report its own address or to enforce restrictions would mean that your solution is vulnerable to tampering.

Such tracking and enforcement can only safely be done server-side.

- Mike