On Mar 31, 2017, at 06:38, Jan = Huijsmans <jan.huijsmans@baruch-ict.nl> wrote:I've been trying this for ages, didn't work on the cgi-bin = dir, as that's a special case in apache. The /WebCatalog dir is easy to = rewrite (but did a redirect in apache config, as that's where the admins = have control, not the content writer), /cgi-bin/WebCatalog/Engine/Admin = refuses to be rewritten.
I'm hoping the WebDNA = specific code will rewrite correctly..
On March 29, 2017 at 10:27 PM Stuart Tremain <webdna@idfk.com.au> = wrote:
Or something as simple as addingRewriteCond %{SERVER_PORT} 80To .htaccessOn 30 Mar 2017, at 05:04, Michael Davis <admin@network13.net>= wrote:If you want = to lock down your Admin templates, and any template on the server that = is using plain http auth in the clear with the [protect] tag, add this = line to the top of your MultiGroupChecker:Not sure at = what version [thisport] was added, so you'll have to test with your = version.This = will redirect every [protect]-ed page on your server that is not = listening on port 443. So you'll need to assess whether this will = break any web sites you are serving. If you're not comfortable = putting this kind of blanket over the [protect] tag globally, you can = always add a qualifier:[if = ("[thisport]"!"443")&("[ThisURL]"^"/WebCatalogEngine/")][then][redirec= t https://MySecureDomainUsedToAccessWebCatalog[ThisURL]][/then][/= if]MDOn Mar = 27, 2017, at 1:52 AM, Jan Huijsmans <jan.huijsmans@baruch-ict.nl> wrote:Hi,
Ok, we managed to secure = /WebCatalog/ dir with a permanent redirect to https, but the Admin dir = itself is placed in cgi-bin dir, which has a special status and can't be = handled in the same way. (other then redirecting the complete cgi-bin = dir)
To be = honest, I'm surprised that the application itself doesn't do anything to = improve security, other then username/password over an unencrypted link. = Personally I'm glad we can contain WebDNA in virtual 1 server. I = wouldn't want to provide services for several customers on 1 server with = it. It shows it's age.
On March = 9, 2017 at 2:46 PM Jan Huijsmans <jan.huijsmans@baruch-ict.nl> wrote:Hi,
With all the help, the = environment we're setting up is running as I (and more importantly, the = customer) expect it to.
Is there an official way to = secure the admin interface within WebDNA so connects are only accepted = on https? We're trying to add a rewrite via apache config for the = WebCatalogEngine/Admin dir, but somehow it feels as the wrong way to = secure the admin interface.
Vriendelijke groet,
|
On Mar 31, 2017, at 06:38, Jan = Huijsmans <jan.huijsmans@baruch-ict.nl> wrote:I've been trying this for ages, didn't work on the cgi-bin = dir, as that's a special case in apache. The /WebCatalog dir is easy to = rewrite (but did a redirect in apache config, as that's where the admins = have control, not the content writer), /cgi-bin/WebCatalog/Engine/Admin = refuses to be rewritten.
I'm hoping the WebDNA = specific code will rewrite correctly..
On March 29, 2017 at 10:27 PM Stuart Tremain <webdna@idfk.com.au> = wrote:
Or something as simple as addingRewriteCond %{SERVER_PORT} 80To .htaccessOn 30 Mar 2017, at 05:04, Michael Davis <admin@network13.net>= wrote:If you want = to lock down your Admin templates, and any template on the server that = is using plain http auth in the clear with the [protect] tag, add this = line to the top of your MultiGroupChecker:Not sure at = what version [thisport] was added, so you'll have to test with your = version.This = will redirect every [protect]-ed page on your server that is not = listening on port 443. So you'll need to assess whether this will = break any web sites you are serving. If you're not comfortable = putting this kind of blanket over the [protect] tag globally, you can = always add a qualifier:MDOn Mar = 27, 2017, at 1:52 AM, Jan Huijsmans <jan.huijsmans@baruch-ict.nl> wrote:Hi,
Ok, we managed to secure = /WebCatalog/ dir with a permanent redirect to https, but the Admin dir = itself is placed in cgi-bin dir, which has a special status and can't be = handled in the same way. (other then redirecting the complete cgi-bin = dir)
To be = honest, I'm surprised that the application itself doesn't do anything to = improve security, other then username/password over an unencrypted link. = Personally I'm glad we can contain WebDNA in virtual 1 server. I = wouldn't want to provide services for several customers on 1 server with = it. It shows it's age.
On March = 9, 2017 at 2:46 PM Jan Huijsmans <jan.huijsmans@baruch-ict.nl> wrote:Hi,
With all the help, the = environment we're setting up is running as I (and more importantly, the = customer) expect it to.
Is there an official way to = secure the admin interface within WebDNA so connects are only accepted = on https? We're trying to add a rewrite via apache config for the = WebCatalogEngine/Admin dir, but somehow it feels as the wrong way to = secure the admin interface.
Vriendelijke groet,
DOWNLOAD WEBDNA NOW!
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...