Secure /admin-toaster/: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary Tag: Reverted |
||
Line 15: | Line 15: | ||
# sed -e '$r /etc/httpd/conf/toaster.conf.bak' temp.txt > /etc/httpd/conf/toaster.conf | # sed -e '$r /etc/httpd/conf/toaster.conf.bak' temp.txt > /etc/httpd/conf/toaster.conf | ||
# remove temp.txt | # remove temp.txt | ||
# cat /etc/httpd/conf/ | # cat /etc/httpd/conf/<pre> | ||
<pre> | |||
RewriteEngine On | RewriteEngine On | ||
RewriteCond %{HTTPS} !=on | RewriteCond %{HTTPS} !=on |
Revision as of 14:06, 19 October 2024
Secures qmailadmin, vqadmin, qmailmrtq, and isoqlog, SSL & aclnet (modify aclnet to suit)
Change /admin-toaster/ admin password
# htpasswd -b /usr/share/toaster/include/admin.htpasswd admin 'password'
Secure /admin-toaster/
# cat > temp.txt << __EOF__ RewriteEngine On RewriteCond %{HTTPS} !=on RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L] Define aclnet "192.168.2.0/24 192.168.9.0/24 127.0.0.1" __EOF__
# mv /etc/httpd/conf/toaster.conf /etc/httpd/conf/toaster.conf.bak # sed -e '$r /etc/httpd/conf/toaster.conf.bak' temp.txt > /etc/httpd/conf/toaster.conf # remove temp.txt
# cat /etc/httpd/conf/
RewriteEngine On RewriteCond %{HTTPS} !=on RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L] Define aclnet "172.16.1.0/24 192.168.9.0/24 127.0.0.1" <IfModule mod_alias.c> ScriptAlias /mail/ /usr/share/toaster/cgi-bin/ Alias /admin-toaster /usr/share/toaster/htdocs/admin/ Alias /stats-toaster/ /usr/share/toaster/htdocs/mrtg/ Alias /images-toaster/ /usr/share/toaster/htdocs/images/ Alias /scripts/ /usr/share/toaster/htdocs/scripts/ Alias /qmailadmin /usr/share/qmailadmin/ </IfModule> <Directory /usr/share/qmailadmin> AddHandler cgi-script .cgi AddHandler cgi-script qmailadmin DirectoryIndex index.cgi qmailadmin index.html Options +Indexes +FollowSymLinks +ExecCGI <RequireAll> Require ip ${aclnet} </RequireAll> </Directory> <Directory /usr/share/toaster/htdocs> Options -Indexes +FollowSymLinks +MultiViews AllowOverride All <RequireAll> Require ip ${aclnet} </RequireAll> </Directory> <Directory /usr/share/toaster/htdocs/admin> <RequireAll> AuthType Basic AuthName "Qmail Toaster v. 1.3 Admin" AuthUserFile /usr/share/toaster/include/admin.htpasswd Require valid-user Require ip ${aclnet} </RequireAll> </Directory> <Directory /usr/share/toaster/htdocs/mrtg> AllowOverride All <RequireAll> AuthType Basic AuthName "Qmail Toaster v. 1.3 Admin" AuthUserFile /usr/share/toaster/include/admin.htpasswd Require valid-user Require ip ${aclnet} </RequireAll> </Directory> <Directory /usr/share/toaster/cgi-bin/vqadmin> AllowOverride All Options ExecCGI <RequireAll> AuthType Basic AuthName "Qmail Toaster v. 1.3 Admin" AuthUserFile /usr/share/toaster/include/admin.htpasswd require valid-user Require ip ${aclnet} </RequireAll> </Directory> <Directory /usr/share/toaster/cgi-bin> AllowOverride All Options ExecCGI <RequireAll> Require ip ${aclnet} </RequireAll> </Directory>