Back
Secures qmailadmin, vqadmin, qmailmrtq, and isoqlog, SSL & aclnet (change aclnet to suit)
# cat > temp.txt << __EOF__
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
Define aclnet "192.168.2.0/24 192.168.9.0/24 127.0.0.1"
__EOF__
# mv /etc/httpd/conf/toaster.conf /etc/httpd/conf/toaster.conf.bak
# sed -e '$r /etc/httpd/conf/toaster.conf.bak' temp.txt > /etc/httpd/conf/toaster.conf
# remove temp.txt
# cat /etc/httpd/conf/toaster.conf
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
Define aclnet "172.16.1.0/24 192.168.9.0/24 127.0.0.1"
<IfModule mod_alias.c>
ScriptAlias /mail/ /usr/share/toaster/cgi-bin/
Alias /admin-toaster /usr/share/toaster/htdocs/admin/
Alias /stats-toaster/ /usr/share/toaster/htdocs/mrtg/
Alias /images-toaster/ /usr/share/toaster/htdocs/images/
Alias /scripts/ /usr/share/toaster/htdocs/scripts/
Alias /qmailadmin /usr/share/qmailadmin/
</IfModule>
<Directory /usr/share/qmailadmin>
AddHandler cgi-script .cgi
AddHandler cgi-script qmailadmin
DirectoryIndex index.cgi qmailadmin index.html
Options +Indexes +FollowSymLinks +ExecCGI
<RequireAll>
Require ip ${aclnet}
</RequireAll>
</Directory>
<Directory /usr/share/toaster/htdocs>
Options -Indexes +FollowSymLinks +MultiViews
AllowOverride All
<RequireAll>
Require ip ${aclnet}
</RequireAll>
</Directory>
<Directory /usr/share/toaster/htdocs/admin>
<RequireAll>
AuthType Basic
AuthName "Qmail Toaster v. 1.3 Admin"
AuthUserFile /usr/share/toaster/include/admin.htpasswd
Require valid-user
Require ip ${aclnet}
</RequireAll>
</Directory>
<Directory /usr/share/toaster/htdocs/mrtg>
AllowOverride All
<RequireAll>
AuthType Basic
AuthName "Qmail Toaster v. 1.3 Admin"
AuthUserFile /usr/share/toaster/include/admin.htpasswd
Require valid-user
Require ip ${aclnet}
</RequireAll>
</Directory>
<Directory /usr/share/toaster/cgi-bin/vqadmin>
AllowOverride All
Options ExecCGI
<RequireAll>
AuthType Basic
AuthName "Qmail Toaster v. 1.3 Admin"
AuthUserFile /usr/share/toaster/include/admin.htpasswd
require valid-user
Require ip ${aclnet}
</RequireAll>
</Directory>
<Directory /usr/share/toaster/cgi-bin>
AllowOverride All
Options ExecCGI
<RequireAll>
Require ip ${aclnet}
</RequireAll>
</Directory>