Hi All
Is there any way of securing the directory express console with htaccess without effects to the Fedora gui console access ?
Regards Siggi
Sigurður Bjarnason wrote:
Hi All
Is there any way of securing the directory express console with htaccess without effects to the Fedora gui console access ?
I'm not sure what you mean. Most of the console should already be secured. Do you have some specific urls in mind?
Regards
Siggi
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
Yes,
I would like to secure the front page, so you have to type in the password before you get the first page, The page the list up all the pages etc ..
regards Siggi
________________________________________ From: fedora-directory-users-bounces@redhat.com [fedora-directory-users-bounces@redhat.com] On Behalf Of Rich Megginson [rmeggins@redhat.com] Sent: Wednesday, April 30, 2008 2:28 PM To: General discussion list for the Fedora Directory server project. Subject: Re: [Fedora-directory-users] Express web console
Sigurður Bjarnason wrote:
Hi All
Is there any way of securing the directory express console with htaccess without effects to the Fedora gui console access ?
I'm not sure what you mean. Most of the console should already be secured. Do you have some specific urls in mind?
Regards
Siggi
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
Sigurður Bjarnason wrote:
Yes,
I would like to secure the front page, so you have to type in the password before you get the first page, The page the list up all the pages etc ..
That page is /usr/share/dirsrv/html/admserv.html. It is generated by the CGI URL /dist/download. I'm not sure how htaccess works - see /etc/dirsrv/admin-serv/admserv.conf for more information.
regards Siggi
From: fedora-directory-users-bounces@redhat.com [fedora-directory-users-bounces@redhat.com] On Behalf Of Rich Megginson [rmeggins@redhat.com] Sent: Wednesday, April 30, 2008 2:28 PM To: General discussion list for the Fedora Directory server project. Subject: Re: [Fedora-directory-users] Express web console
Sigurður Bjarnason wrote:
Hi All
Is there any way of securing the directory express console with htaccess without effects to the Fedora gui console access ?
I'm not sure what you mean. Most of the console should already be secured. Do you have some specific urls in mind?
Regards
Siggi
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
On Wed, 2008-04-30 at 10:04 -0600, Rich Megginson wrote:
Sigurður Bjarnason wrote:
Yes,
I would like to secure the front page, so you have to type in the
password before you get the first page, The page the list up all the pages etc ..
That page is /usr/share/dirsrv/html/admserv.html. It is generated by the CGI URL /dist/download. I'm not sure how htaccess works - see /etc/dirsrv/admin-serv/admserv.conf for more information.
.htaccess files are basically <directory> blocks stored in the directory they configure, rather than the main Apache configuration. They may have only a subset of the features available in the main config file, depending mostly on the AllowOverride directive in the primary config file. They're great for rapid prototyping of a complicated per-directory configuration in Apache, and widely used in shared hosting Apache environments. However, they have potentially bad implications for security, and definitely bad implications for performance. The performance hit happens just by enabling them, too, not just when the feature is in use (though that can make it worse). Looking at my own instance of FDS, they are quite properly disabled. Admserv.conf is probably the right place for any access control changes.
--
389-users@lists.fedoraproject.org