diff --git a/access/middleware.py b/access/middleware.py
new file mode 100644
index 0000000..edbb907
--- /dev/null
+++ b/access/middleware.py
@@ -0,0 +1,14 @@
+from django.http import HttpResponseForbidden
+
+
+class CheckPerm(object):
+
+ @staticmethod
+ def process_request(request):
+ if '/admin' in request.path or '/management' in request.path or '/analytics' in request.path:
+ if not request.user.is_authenticated():
+ return HttpResponseForbidden()
+
+ if not (request.user.in_role == "M" or request.user.in_role == "S" or request.user.in_role == "A" or request.user.is_admin):
+ return HttpResponseForbidden()
+
diff --git a/lms/settings.py b/lms/settings.py
index 4e062db..ed6cce3 100644
--- a/lms/settings.py
+++ b/lms/settings.py
@@ -103,6 +103,7 @@ MIDDLEWARE_CLASSES = [
 'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
 'django.contrib.messages.middleware.MessageMiddleware',
 'django.middleware.clickjacking.XFrameOptionsMiddleware',
+ 'access.middleware.CheckPerm',
 ]
 
 ROOT_URLCONF = 'lms.urls'
@@ -136,7 +137,7 @@ DATABASES = {
 'NAME': os.environ.get('DB_NAME', 'codemy'),
 'USER': os.environ.get('PG_ENV_POSTGRES_USER', 'team'),
 'PASSWORD': os.environ.get('PG_ENV_POSTGRES_PASSWORD', 'nu5Xefise'),
- 'HOST': os.environ.get('PG_PORT_5432_TCP_ADDR', '192.168.0.6'),
+ 'HOST': os.environ.get('PG_PORT_5432_TCP_ADDR', '127.0.0.1'),
 'PORT': os.environ.get('PG_PORT_5432_TCP_PORT', '5432'),
 },
 }
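Review bot: The path test in `process_request` uses substring matching (`'/admin' in request.path`), so it also fires on any unrelated URL that merely contains one of those strings, and if the login page itself is served under `/admin` an anonymous user gets a 403 there and cannot sign in. Anchor the check to prefixes instead, e.g. `if request.path.startswith(('/admin/', '/management/', '/analytics/')):`, and exempt the login URL or redirect unauthenticated requests to it rather than returning `HttpResponseForbidden()`. The role test reads more clearly as `request.user.in_role in ('M', 'S', 'A') or request.user.is_admin`. Because this gate keys on URL text only, privileged views routed under any other prefix are not covered, so those views should keep their own permission checks. Indentation is lost on this page, so the nesting of the second `if` under the path check is inferred.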
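Review bot: The `PASSWORD` entry just above the changed `HOST` line still falls back to a literal database password committed in the repository, so any deployment missing `PG_ENV_POSTGRES_PASSWORD` silently runs with a credential known to everyone who can read the source. Drop the default so a missing variable fails loudly, e.g. `'PASSWORD': os.environ['PG_ENV_POSTGRES_PASSWORD'],`, and treat the committed value as exposed and rotate it. The `DATABASES` dict starts before this hunk, so its other entries were not reviewed.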