Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Server Operation

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 2nd June 2009, 12:57
robertlouwen robertlouwen is offline
Senior Member
 
Join Date: Apr 2009
Location: Brielle, Netherlands
Posts: 141
Thanks: 20
Thanked 3 Times in 2 Posts
Default Apache *.conf files and security

Gentlemen,

In /etc/httpd/conf/httpd.conf is this line include conf.d/*.conf so out of curiosity I looked in /etc/httpd/conf.d and found among others :
  • BackupPC.conf
  • roundcubemail.conf
  • webalizer.conf
In these files you can find their alias, now when I go http://something.org/alias I get error 401, not authorized, error 403, forbidden and / or error 404, page not found.

If I change
Code:
order deny,allow
deny from all
allow from 127.0.0.1
Into this
Code:
order allow,deny
allow from all
#allow from 127.0.0.1
am I exposing my server to a security risk ?

PS when I changed the code the pages showed with or without username / password prompt.
__________________
With Respect, Robert
------------------------------------------------
Fedora 15 - ISPConfig v3.0.3.3
On Dell Optiplex GX270, Pentium 4, 2.8 GHz, 1024 Mb

Last edited by robertlouwen; 2nd June 2009 at 13:13.
Reply With Quote
Sponsored Links
  #2  
Old 2nd June 2009, 16:21
HooGLaNDeR HooGLaNDeR is offline
Member
 
Join Date: Sep 2006
Posts: 49
Thanks: 7
Thanked 1 Time in 1 Post
Default

By altering these lines, you make it available for the whole world. If you have no problems with it, then theres no problem.
__________________
A computer is almost human - except that it does not blame its mistakes on another computer.
Reply With Quote
  #3  
Old 2nd June 2009, 16:59
robertlouwen robertlouwen is offline
Senior Member
 
Join Date: Apr 2009
Location: Brielle, Netherlands
Posts: 141
Thanks: 20
Thanked 3 Times in 2 Posts
Default

@ Hooglander,


In the mean time I tried some other allow from lines
  • allow from 192.168.0.1, my gateway, this works
  • allow from 192.168.0.10, a computer in my home network, does not work
  • allow from 192.168.0.100, my webserver, does not work
  • allow from 62.194.xxx.xxx, my internet IP, does not work
I would like to access these pages from every computer ( at work, at friends, when with holyday )
There is no need for the world to access these pages.
__________________
With Respect, Robert
------------------------------------------------
Fedora 15 - ISPConfig v3.0.3.3
On Dell Optiplex GX270, Pentium 4, 2.8 GHz, 1024 Mb
Reply With Quote
  #4  
Old 2nd June 2009, 17:02
id10t id10t is offline
Senior Member
 
Join Date: Nov 2008
Posts: 240
Thanks: 2
Thanked 22 Times in 22 Posts
Default

You can do it with a ssh tunnel...
Reply With Quote
  #5  
Old 2nd June 2009, 17:04
robertlouwen robertlouwen is offline
Senior Member
 
Join Date: Apr 2009
Location: Brielle, Netherlands
Posts: 141
Thanks: 20
Thanked 3 Times in 2 Posts
Default

ssh tunnel ????
__________________
With Respect, Robert
------------------------------------------------
Fedora 15 - ISPConfig v3.0.3.3
On Dell Optiplex GX270, Pentium 4, 2.8 GHz, 1024 Mb
Reply With Quote
  #6  
Old 2nd June 2009, 17:12
HooGLaNDeR HooGLaNDeR is offline
Member
 
Join Date: Sep 2006
Posts: 49
Thanks: 7
Thanked 1 Time in 1 Post
 
Default

Code:
      Order Deny,Allow
      Deny From All
      Allow From 127.0.0.1
      Allow From 192.168.0.1
      Allow From 192.168.0.100
      Allow From 62.194.xxx.xxx
Alternatively, you can allow it to the world, but protect it with .htaccess
__________________
A computer is almost human - except that it does not blame its mistakes on another computer.
Reply With Quote
Reply

Bookmarks

Tags
apache2, fedora 10, ispconfig 3.0.1.3

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
freebsd 7, samba 3, domain controller alexdimarco Suggest HOWTO 6 5th November 2010 16:54
ffmpeg Video support for ubuntu 7.10 [suphp-ispconfig] amaurib Installation/Configuration 13 16th February 2010 17:26
Samba creates huge tmp, prf files on XP client and doesnt load profile. skirao Server Operation 0 22nd October 2008 16:01
IspConfig with Roundcubemail - Security hrvbid Installation/Configuration 5 22nd September 2008 09:58
ubuntu 8.04 server installation of ispconfig fails DocProc Installation/Configuration 27 5th June 2008 21:23


All times are GMT +2. The time now is 14:18.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.