2nd June 2009, 12:57
|
|
Senior Member
|
|
Join Date: Apr 2009
Location: Brielle, Netherlands
Posts: 141
Thanks: 20
Thanked 3 Times in 2 Posts
|
|
Apache *.conf files and security
Gentlemen,
In /etc/httpd/conf/httpd.conf is this line include conf.d/*.conf so out of curiosity I looked in /etc/httpd/conf.d and found among others :
- BackupPC.conf
- roundcubemail.conf
- webalizer.conf
In these files you can find their alias, now when I go http://something.org/alias I get error 401, not authorized, error 403, forbidden and / or error 404, page not found.
If I change
Code:
order deny,allow
deny from all
allow from 127.0.0.1
Into this
Code:
order allow,deny
allow from all
#allow from 127.0.0.1
am I exposing my server to a security risk ?
PS when I changed the code the pages showed with or without username / password prompt.
__________________
With Respect, Robert ------------------------------------------------ Fedora 15 - ISPConfig v3.0.3.3 On Dell Optiplex GX270, Pentium 4, 2.8 GHz, 1024 Mb
Last edited by robertlouwen; 2nd June 2009 at 13:13.
|
2nd June 2009, 16:21
|
|
Member
|
|
Join Date: Sep 2006
Posts: 49
Thanks: 7
Thanked 1 Time in 1 Post
|
|
By altering these lines, you make it available for the whole world. If you have no problems with it, then theres no problem.
__________________
A computer is almost human - except that it does not blame its mistakes on another computer. 
|
2nd June 2009, 16:59
|
|
Senior Member
|
|
Join Date: Apr 2009
Location: Brielle, Netherlands
Posts: 141
Thanks: 20
Thanked 3 Times in 2 Posts
|
|
@ Hooglander,
In the mean time I tried some other allow from lines - allow from 192.168.0.1, my gateway, this works
- allow from 192.168.0.10, a computer in my home network, does not work
- allow from 192.168.0.100, my webserver, does not work
- allow from 62.194.xxx.xxx, my internet IP, does not work
I would like to access these pages from every computer ( at work, at friends, when with holyday )
There is no need for the world to access these pages.
__________________
With Respect, Robert ------------------------------------------------ Fedora 15 - ISPConfig v3.0.3.3 On Dell Optiplex GX270, Pentium 4, 2.8 GHz, 1024 Mb
|
2nd June 2009, 17:02
|
|
Senior Member
|
|
Join Date: Nov 2008
Posts: 233
Thanks: 2
Thanked 22 Times in 22 Posts
|
|
You can do it with a ssh tunnel...
|
2nd June 2009, 17:04
|
|
Senior Member
|
|
Join Date: Apr 2009
Location: Brielle, Netherlands
Posts: 141
Thanks: 20
Thanked 3 Times in 2 Posts
|
|
ssh tunnel ????
__________________
With Respect, Robert ------------------------------------------------ Fedora 15 - ISPConfig v3.0.3.3 On Dell Optiplex GX270, Pentium 4, 2.8 GHz, 1024 Mb
|
2nd June 2009, 17:12
|
|
Member
|
|
Join Date: Sep 2006
Posts: 49
Thanks: 7
Thanked 1 Time in 1 Post
|
|
Code:
Order Deny,Allow
Deny From All
Allow From 127.0.0.1
Allow From 192.168.0.1
Allow From 192.168.0.100
Allow From 62.194.xxx.xxx
Alternatively, you can allow it to the world, but protect it with .htaccess
__________________
A computer is almost human - except that it does not blame its mistakes on another computer.
|
| Thread Tools |
|
|
| Display Modes |
 Linear Mode
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
All times are GMT +2. The time now is 11:16.
|
English | 
Deutsch
Recent comments
1 day 13 hours ago
1 day 15 hours ago
2 days 3 hours ago
2 days 6 hours ago
2 days 10 hours ago
2 days 16 hours ago
3 days 2 hours ago
3 days 3 hours ago
3 days 12 hours ago
3 days 13 hours ago