Secure /admin-toaster/: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary Tag: Manual revert |
||
(11 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
[[Configuration#Secure_/admin-toaster/|Back]]<br> | [[Configuration#Secure_/admin-toaster/|Back]]<br> | ||
= Secures qmailadmin, vqadmin, qmailmrtq, and isoqlog, | = Secures qmailadmin, vqadmin, qmailmrtq, and isoqlog, SSL & aclnet (modify aclnet to suit)= | ||
Change /admin-toaster/ admin password | |||
# htpasswd -b /usr/share/toaster/include/admin.htpasswd admin 'password' | |||
Secure /admin-toaster/ | |||
# cat > temp.txt << __EOF__ | # cat > temp.txt << __EOF__ | ||
RewriteEngine On | RewriteEngine On | ||
Line 9: | Line 13: | ||
__EOF__<br> | __EOF__<br> | ||
# mv /etc/httpd/conf/toaster.conf /etc/httpd/conf/toaster.conf.bak | # mv /etc/httpd/conf/toaster.conf /etc/httpd/conf/toaster.conf.bak | ||
# | # sed -e '$r /etc/httpd/conf/toaster.conf.bak' temp.txt > /etc/httpd/conf/toaster.conf | ||
# remove temp.txt | # remove temp.txt | ||
# cat /etc/httpd/conf/toaster.conf | # cat /etc/httpd/conf/toaster.conf |
Latest revision as of 14:07, 19 October 2024
Secures qmailadmin, vqadmin, qmailmrtq, and isoqlog, SSL & aclnet (modify aclnet to suit)
Change /admin-toaster/ admin password
# htpasswd -b /usr/share/toaster/include/admin.htpasswd admin 'password'
Secure /admin-toaster/
# cat > temp.txt << __EOF__ RewriteEngine On RewriteCond %{HTTPS} !=on RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L] Define aclnet "192.168.2.0/24 192.168.9.0/24 127.0.0.1" __EOF__
# mv /etc/httpd/conf/toaster.conf /etc/httpd/conf/toaster.conf.bak # sed -e '$r /etc/httpd/conf/toaster.conf.bak' temp.txt > /etc/httpd/conf/toaster.conf # remove temp.txt # cat /etc/httpd/conf/toaster.conf
RewriteEngine On RewriteCond %{HTTPS} !=on RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L] Define aclnet "172.16.1.0/24 192.168.9.0/24 127.0.0.1" <IfModule mod_alias.c> ScriptAlias /mail/ /usr/share/toaster/cgi-bin/ Alias /admin-toaster /usr/share/toaster/htdocs/admin/ Alias /stats-toaster/ /usr/share/toaster/htdocs/mrtg/ Alias /images-toaster/ /usr/share/toaster/htdocs/images/ Alias /scripts/ /usr/share/toaster/htdocs/scripts/ Alias /qmailadmin /usr/share/qmailadmin/ </IfModule> <Directory /usr/share/qmailadmin> AddHandler cgi-script .cgi AddHandler cgi-script qmailadmin DirectoryIndex index.cgi qmailadmin index.html Options +Indexes +FollowSymLinks +ExecCGI <RequireAll> Require ip ${aclnet} </RequireAll> </Directory> <Directory /usr/share/toaster/htdocs> Options -Indexes +FollowSymLinks +MultiViews AllowOverride All <RequireAll> Require ip ${aclnet} </RequireAll> </Directory> <Directory /usr/share/toaster/htdocs/admin> <RequireAll> AuthType Basic AuthName "Qmail Toaster v. 1.3 Admin" AuthUserFile /usr/share/toaster/include/admin.htpasswd Require valid-user Require ip ${aclnet} </RequireAll> </Directory> <Directory /usr/share/toaster/htdocs/mrtg> AllowOverride All <RequireAll> AuthType Basic AuthName "Qmail Toaster v. 1.3 Admin" AuthUserFile /usr/share/toaster/include/admin.htpasswd Require valid-user Require ip ${aclnet} </RequireAll> </Directory> <Directory /usr/share/toaster/cgi-bin/vqadmin> AllowOverride All Options ExecCGI <RequireAll> AuthType Basic AuthName "Qmail Toaster v. 1.3 Admin" AuthUserFile /usr/share/toaster/include/admin.htpasswd require valid-user Require ip ${aclnet} </RequireAll> </Directory> <Directory /usr/share/toaster/cgi-bin> AllowOverride All Options ExecCGI <RequireAll> Require ip ${aclnet} </RequireAll> </Directory>