Secure /admin-toaster/: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary Tag: Manual revert |
||
| (11 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
[[Configuration#Secure_/admin-toaster/|Back]]<br> | [[Configuration#Secure_/admin-toaster/|Back]]<br> | ||
= Secures qmailadmin, vqadmin, qmailmrtq, and isoqlog, | = Secures qmailadmin, vqadmin, qmailmrtq, and isoqlog, SSL & aclnet (modify aclnet to suit)= | ||
Change /admin-toaster/ admin password | |||
# htpasswd -b /usr/share/toaster/include/admin.htpasswd admin 'password' | |||
Secure /admin-toaster/ | |||
# cat > temp.txt << __EOF__ | # cat > temp.txt << __EOF__ | ||
RewriteEngine On | RewriteEngine On | ||
| Line 9: | Line 13: | ||
__EOF__<br> | __EOF__<br> | ||
# mv /etc/httpd/conf/toaster.conf /etc/httpd/conf/toaster.conf.bak | # mv /etc/httpd/conf/toaster.conf /etc/httpd/conf/toaster.conf.bak | ||
# | # sed -e '$r /etc/httpd/conf/toaster.conf.bak' temp.txt > /etc/httpd/conf/toaster.conf | ||
# remove temp.txt | # remove temp.txt | ||
# cat /etc/httpd/conf/toaster.conf | # cat /etc/httpd/conf/toaster.conf | ||
Latest revision as of 14:07, 19 October 2024
Secures qmailadmin, vqadmin, qmailmrtq, and isoqlog, SSL & aclnet (modify aclnet to suit)
Change /admin-toaster/ admin password
# htpasswd -b /usr/share/toaster/include/admin.htpasswd admin 'password'
Secure /admin-toaster/
# cat > temp.txt << __EOF__
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
Define aclnet "192.168.2.0/24 192.168.9.0/24 127.0.0.1"
__EOF__
# mv /etc/httpd/conf/toaster.conf /etc/httpd/conf/toaster.conf.bak
# sed -e '$r /etc/httpd/conf/toaster.conf.bak' temp.txt > /etc/httpd/conf/toaster.conf
# remove temp.txt
# cat /etc/httpd/conf/toaster.conf
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
Define aclnet "172.16.1.0/24 192.168.9.0/24 127.0.0.1"
<IfModule mod_alias.c>
ScriptAlias /mail/ /usr/share/toaster/cgi-bin/
Alias /admin-toaster /usr/share/toaster/htdocs/admin/
Alias /stats-toaster/ /usr/share/toaster/htdocs/mrtg/
Alias /images-toaster/ /usr/share/toaster/htdocs/images/
Alias /scripts/ /usr/share/toaster/htdocs/scripts/
Alias /qmailadmin /usr/share/qmailadmin/
</IfModule>
<Directory /usr/share/qmailadmin>
AddHandler cgi-script .cgi
AddHandler cgi-script qmailadmin
DirectoryIndex index.cgi qmailadmin index.html
Options +Indexes +FollowSymLinks +ExecCGI
<RequireAll>
Require ip ${aclnet}
</RequireAll>
</Directory>
<Directory /usr/share/toaster/htdocs>
Options -Indexes +FollowSymLinks +MultiViews
AllowOverride All
<RequireAll>
Require ip ${aclnet}
</RequireAll>
</Directory>
<Directory /usr/share/toaster/htdocs/admin>
<RequireAll>
AuthType Basic
AuthName "Qmail Toaster v. 1.3 Admin"
AuthUserFile /usr/share/toaster/include/admin.htpasswd
Require valid-user
Require ip ${aclnet}
</RequireAll>
</Directory>
<Directory /usr/share/toaster/htdocs/mrtg>
AllowOverride All
<RequireAll>
AuthType Basic
AuthName "Qmail Toaster v. 1.3 Admin"
AuthUserFile /usr/share/toaster/include/admin.htpasswd
Require valid-user
Require ip ${aclnet}
</RequireAll>
</Directory>
<Directory /usr/share/toaster/cgi-bin/vqadmin>
AllowOverride All
Options ExecCGI
<RequireAll>
AuthType Basic
AuthName "Qmail Toaster v. 1.3 Admin"
AuthUserFile /usr/share/toaster/include/admin.htpasswd
require valid-user
Require ip ${aclnet}
</RequireAll>
</Directory>
<Directory /usr/share/toaster/cgi-bin>
AllowOverride All
Options ExecCGI
<RequireAll>
Require ip ${aclnet}
</RequireAll>
</Directory>