Secure /admin-toaster/: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary Tag: Manual revert |
||
(16 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
[[Configuration#Secure_/admin-toaster/|Back]]<br> | [[Configuration#Secure_/admin-toaster/|Back]]<br> | ||
= Secures qmailadmin, vqadmin, qmailmrtq, and isoqlog, | = Secures qmailadmin, vqadmin, qmailmrtq, and isoqlog, SSL & aclnet (modify aclnet to suit)= | ||
Change /admin-toaster/ admin password | |||
# htpasswd -b /usr/share/toaster/include/admin.htpasswd admin 'password' | |||
Secure /admin-toaster/ | |||
# cat > temp.txt << __EOF__ | |||
RewriteEngine On | |||
RewriteCond %{HTTPS} !=on | |||
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L] | |||
Define aclnet "192.168.2.0/24 192.168.9.0/24 127.0.0.1" | |||
__EOF__<br> | |||
# mv /etc/httpd/conf/toaster.conf /etc/httpd/conf/toaster.conf.bak | |||
# sed -e '$r /etc/httpd/conf/toaster.conf.bak' temp.txt > /etc/httpd/conf/toaster.conf | |||
# remove temp.txt | |||
# cat /etc/httpd/conf/toaster.conf | |||
<pre> | <pre> | ||
RewriteEngine On | RewriteEngine On |
Latest revision as of 13:07, 19 October 2024
Secures qmailadmin, vqadmin, qmailmrtq, and isoqlog, SSL & aclnet (modify aclnet to suit)
Change /admin-toaster/ admin password
# htpasswd -b /usr/share/toaster/include/admin.htpasswd admin 'password'
Secure /admin-toaster/
# cat > temp.txt << __EOF__ RewriteEngine On RewriteCond %{HTTPS} !=on RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L] Define aclnet "192.168.2.0/24 192.168.9.0/24 127.0.0.1" __EOF__
# mv /etc/httpd/conf/toaster.conf /etc/httpd/conf/toaster.conf.bak # sed -e '$r /etc/httpd/conf/toaster.conf.bak' temp.txt > /etc/httpd/conf/toaster.conf # remove temp.txt # cat /etc/httpd/conf/toaster.conf
RewriteEngine On RewriteCond %{HTTPS} !=on RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L] Define aclnet "172.16.1.0/24 192.168.9.0/24 127.0.0.1" <IfModule mod_alias.c> ScriptAlias /mail/ /usr/share/toaster/cgi-bin/ Alias /admin-toaster /usr/share/toaster/htdocs/admin/ Alias /stats-toaster/ /usr/share/toaster/htdocs/mrtg/ Alias /images-toaster/ /usr/share/toaster/htdocs/images/ Alias /scripts/ /usr/share/toaster/htdocs/scripts/ Alias /qmailadmin /usr/share/qmailadmin/ </IfModule> <Directory /usr/share/qmailadmin> AddHandler cgi-script .cgi AddHandler cgi-script qmailadmin DirectoryIndex index.cgi qmailadmin index.html Options +Indexes +FollowSymLinks +ExecCGI <RequireAll> Require ip ${aclnet} </RequireAll> </Directory> <Directory /usr/share/toaster/htdocs> Options -Indexes +FollowSymLinks +MultiViews AllowOverride All <RequireAll> Require ip ${aclnet} </RequireAll> </Directory> <Directory /usr/share/toaster/htdocs/admin> <RequireAll> AuthType Basic AuthName "Qmail Toaster v. 1.3 Admin" AuthUserFile /usr/share/toaster/include/admin.htpasswd Require valid-user Require ip ${aclnet} </RequireAll> </Directory> <Directory /usr/share/toaster/htdocs/mrtg> AllowOverride All <RequireAll> AuthType Basic AuthName "Qmail Toaster v. 1.3 Admin" AuthUserFile /usr/share/toaster/include/admin.htpasswd Require valid-user Require ip ${aclnet} </RequireAll> </Directory> <Directory /usr/share/toaster/cgi-bin/vqadmin> AllowOverride All Options ExecCGI <RequireAll> AuthType Basic AuthName "Qmail Toaster v. 1.3 Admin" AuthUserFile /usr/share/toaster/include/admin.htpasswd require valid-user Require ip ${aclnet} </RequireAll> </Directory> <Directory /usr/share/toaster/cgi-bin> AllowOverride All Options ExecCGI <RequireAll> Require ip ${aclnet} </RequireAll> </Directory>