=
---------------------------------------=------------------ This message is sent to you because you are subscribed t=o the mailing list
Vriendelijke groet,
|
Chris,
Thanks for the reply. Ubuntu is a bit more adv=anced then RedHat/CentOS. We're stuck with CentOS, which ships with =9;httpd' 2.4.6-45 (apache, but an oldie). When I add the rewrite rule i=t just does nothing with it. Login reports a password needed for http://<site>/cgi-b=in/.../Admin/.... It looks like a rewrite on the WebCatalog dir is the =only way to get a redirect, as long as the user doesn't use the short-c=ut.
On April 1, 2017 at 3:18 PM christophe.billiott=et@webdna.us wrote:
I tested this and was able to make it work. I reset my workstation=9;s apache config to pretty close to stock, and installed WebDNA Server 8.5=..1 with the Ubuntu 14 installer. I put this right in the apache config'=s virtual host:
RewriteEngine On
RewriteCond %{HTTPS} off
Re=writeRule "^/cgi-bin/WebCatalogEngine/Admin/" https://%{HTTP_HOST}%{REQUEST_UR=I} [L,R=3D301,NC]
I ran quite a few tests and it worked as e=xpected. Hopefully that looks good, please let me know if there are any pro=blems.- chris<=div class=3D"">On Mar 31, 2=017, at 06:38, Jan Huijsmans <jan.huijsmans@baruch-ict.nl> wrote:I've been trying this for ages, didn't work on =the cgi-bin dir, as that's a special case in apache. The /WebCatalog di=r is easy to rewrite (but did a redirect in apache config, as that's wh=ere the admins have control, not the content writer), /cgi-bin/WebCatalog/E=ngine/Admin refuses to be rewritten.
I='m hoping the WebDNA specific code will rewrite correctly..
On March 29, 2017 at 10:27 PM Stuart Tremain =60;webdna@idfk.com.au&=#62; wrote:
Or something as simple as adding RewriteC=ond %{SERVER_PORT} 80RewriteRule ^(.*)$ https://yoursecureddomain.com/$1<=span class=3D"ox-f6d7ced66a-Apple-converted-space"> [R,L]=To .htaccessOn 30 Mar 2017, at 05:04, Michael Davis <admin@network13.net> wrote:If you want to lock down= your Admin templates, and any template on the server that is using plain h=ttp auth in the clear with the [protect] tag, add this line to the top of y=our MultiGroupChecker:=Not sure at what version [thisport] w=as added, so you'll have to test with your version.This will redirect every [protect]-e=d page on your server that is not listening on port 443. So you'l=l need to assess whether this will break any web sites you are serving. =60;If you're not comfortable putting this kind of blanket over the [pro=tect] tag globally, you can always add a qualifier:MD=On Mar 27, 2017, at 1:52 AM, Jan Huijsmans =0;jan.huijsmans@b=aruch-ict.nl> wrote:Hi,
Ok, we managed to secure /We=bCatalog/ dir with a permanent redirect to https, but the Admin dir itself =is placed in cgi-bin dir, which has a special status and can't be handl=ed in the same way. (other then redirecting the complete cgi-bin dir)
To be honest, I'm surprised that the =application itself doesn't do anything to improve security, other then =username/password over an unencrypted link. Personally I'm glad we can =contain WebDNA in virtual 1 server. I wouldn't want to provide ser=vices for several customers on 1 server with it. It shows it's age.
=On March 9, 2017 at 2:46 PM Jan Huijsmans <jan.huijsmans@baruc=h-ict.nl> wrote:Hi,
=With all the help, the environment we're setting up is ru=nning as I (and more importantly, the customer) expect it to.
Is there an official way to secure the admin interface within WebDNA =so connects are only accepted on https? We're trying to add a rewr=ite via apache config for the WebCatalogEngine/Admin dir, but somehow it fe=els as the wrong way to secure the admin interface.
Vriendelijke groet,
=
---------------------------------------=------------------ This message is sent to you because you are subscribed t=o the mailing list
Vriendelijke groet,
DOWNLOAD WEBDNA NOW!
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...