Hi All Is there any way of securing the directory express console with htaccess without effects to the Fedora gui console access ? Regards Siggi
Sigurður Bjarnason wrote:> > Hi All > > > > Is there any way of securing the directory express console with > htaccess without effects to the Fedora gui console access ? >I''m not sure what you mean. Most of the console should already be secured. Do you have some specific urls in mind?> > > > Regards > > Siggi > > > > ------------------------------------------------------------------------ > > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users >
Yes, I would like to secure the front page, so you have to type in the password before you get the first page, The page the list up all the pages etc .. regards Siggi ________________________________________ From: fedora-directory-users-bounces@redhat.com [fedora-directory-users-bounces@redhat.com] On Behalf Of Rich Megginson [rmeggins@redhat.com] Sent: Wednesday, April 30, 2008 2:28 PM To: General discussion list for the Fedora Directory server project. Subject: Re: [Fedora-directory-users] Express web console Sigurður Bjarnason wrote:> > Hi All > > > > Is there any way of securing the directory express console with > htaccess without effects to the Fedora gui console access ? >I''m not sure what you mean. Most of the console should already be secured. Do you have some specific urls in mind?> > > > Regards > > Siggi > > > > ------------------------------------------------------------------------ > > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users >
Sigurður Bjarnason wrote:> Yes, > > I would like to secure the front page, so you have to type in the password before you get the first page, The page the list up all the pages etc .. >That page is /usr/share/dirsrv/html/admserv.html. It is generated by the CGI URL /dist/download. I''m not sure how htaccess works - see /etc/dirsrv/admin-serv/admserv.conf for more information.> regards > Siggi > > ________________________________________ > From: fedora-directory-users-bounces@redhat.com [fedora-directory-users-bounces@redhat.com] On Behalf Of Rich Megginson [rmeggins@redhat.com] > Sent: Wednesday, April 30, 2008 2:28 PM > To: General discussion list for the Fedora Directory server project. > Subject: Re: [Fedora-directory-users] Express web console > > Sigurður Bjarnason wrote: > >> Hi All >> >> >> >> Is there any way of securing the directory express console with >> htaccess without effects to the Fedora gui console access ? >> >> > I''m not sure what you mean. Most of the console should already be > secured. Do you have some specific urls in mind? > >> >> Regards >> >> Siggi >> >> >> >> ------------------------------------------------------------------------ >> >> -- >> Fedora-directory-users mailing list >> Fedora-directory-users@redhat.com >> https://www.redhat.com/mailman/listinfo/fedora-directory-users >> >> > > > > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users >
On Wed, 2008-04-30 at 10:04 -0600, Rich Megginson wrote:> Sigurður Bjarnason wrote: > > Yes, > > > > I would like to secure the front page, so you have to type in the > password before you get the first page, The page the list up all the > pages etc .. > > > That page is /usr/share/dirsrv/html/admserv.html. It is generated by > the CGI URL /dist/download. I''m not sure how htaccess works - see > /etc/dirsrv/admin-serv/admserv.conf for more information..htaccess files are basically <directory> blocks stored in the directory they configure, rather than the main Apache configuration. They may have only a subset of the features available in the main config file, depending mostly on the AllowOverride directive in the primary config file. They''re great for rapid prototyping of a complicated per-directory configuration in Apache, and widely used in shared hosting Apache environments. However, they have potentially bad implications for security, and definitely bad implications for performance. The performance hit happens just by enabling them, too, not just when the feature is in use (though that can make it worse). Looking at my own instance of FDS, they are quite properly disabled. Admserv.conf is probably the right place for any access control changes. --