Jump to content
The Uniform Server Community
kc0fhm

access control?

Recommended Posts

OK So a friend and I have set up uniform server and all seems well

 

we want to publish our web sites to it, that seems to be working OK , I can publish my site using NVU on my linux box here at my office, However if we set the sites up so everyone on the web can see them then it seems everyone on the web can write to them!!!! without passwords or security, I know I'm misiing something after looking over the Unicenter site I'm not sure what.

 

we want to allow all to read but only the web administrators to be able to publish to their respectivew sites

 

Using htaccess I can give myself my own password for my site but then only those with that password can access the site to see what I've posted, and then it's really not a web site is it?

 

please just point me in the right direction.

Share this post


Link to post
Share on other sites

What do you mean others can publish to it... Without password.

 

I mean I can write directly to the server without any info in the uername and password fields

 

If I # the password authentication lines in htaccess and the deny from all lines then anyone can write to the server

 

if I take the #'s signs out to require athentication then if someone accesses the site just to view it they are asked for a username and password

Share this post


Link to post
Share on other sites

I mean I can write directly to the server without any info in the uername and password fields

 

If I # the password authentication lines in htaccess and the deny from all lines then anyone can write to the server

 

if I take the #'s signs out to require athentication then if someone accesses the site just to view it they are asked for a username and password

 

basically what we need is read access to everyone on the web and write(publish) access to those with authorised usernames and passwords, and since currently we are trying to host three sites, different usernames and passwords for the three different administrators I'm sure the directions for doing this are somewhere but I'm just a little lame at finding them.

Share this post


Link to post
Share on other sites

Edit /usr/local/apache2/conf/httpd.conf file, look for the part that loads the mod_dav module and comment it out.

 

It should say something like Loadmodule..... ?

 

the conf file mentioned above doesn't seem to be able to open with windows

 

I think I have figured this out

 

you add an htaccess file to the site folder

 

un comment allow all, then un comment the 4 auth lines to allow for password authentication for publishing so far that seems to be working I hope

 

thanks

Share this post


Link to post
Share on other sites

the conf file mentioned above doesn't seem to be able to open with windows

 

I think I have figured this out

 

you add an htaccess file to the site folder

 

un comment allow all, then un comment the 4 auth lines to allow for password authentication for publishing so far that seems to be working I hope

 

thanks

 

BTW

 

that stuff didn't work the server stillwants me to sign in initialy then I can go wherever I want

 

how do I open read access while limitin write access(publishing)

Share this post


Link to post
Share on other sites

Edit /usr/local/apache2/conf/httpd.conf file, look for the part that loads the mod_dav module and comment it out.

 

It should say something like Loadmodule..... ?

 

That file exists!

Open it with Notepad or Wordpad.

Share this post


Link to post
Share on other sites

That file exists!

Open it with Notepad or Wordpad.

 

yes I figured that out but I don't think it did what I'm after, Ill try it again.

 

I'll try to explain

 

we have three sites (www) all need read access by everyone that types in the address on the web

 

wrtie access has to be limited to the site admin Password protected

 

I'm sure it's real simple but I haven't found the write place yet

 

thanks

Share this post


Link to post
Share on other sites

Perhaps I'm just misunderstanding, but it seems illogical to have write access at all... People cannot naturally have access to write files to a server, or any computer. Normally you give people write or upload access via FTP, which you setup using an FTP server - Uniform Server is not an FTP server, and should not have any write access turned on by default, only the local computer can edit the files unless you setup an FTP server.

Share this post


Link to post
Share on other sites

That file exists!

Open it with Notepad or Wordpad.

 

Using HT access didn't work for creating multiple user accounts mod_dav did nothing

so I moved on to slimftp installed and it works great but how do you once again create multiple users and limit them to there own websites? I need my idividual web authors to be able to update their own sites by remote without being a danger to other websites, I know you can create individual users with most FTP

 

when I follow the instructions in slimftp.conf I can change the admin to whatever I want

 

but when I add another user it quits working and yes I save the CONF file then stop and restart slimftp

 

I've also tried restarting the server

 

thanks

Share this post


Link to post
Share on other sites

Using HT access didn't work for creating multiple user accounts mod_dav did nothing

so I moved on to slimftp installed and it works great but how do you once again create multiple users and limit them to there own websites? I need my idividual web authors to be able to update their own sites by remote without being a danger to other websites, I know you can create individual users with most FTP

 

when I follow the instructions in slimftp.conf I can change the admin to whatever I want

 

but when I add another user it quits working and yes I save the CONF file then stop and restart slimftp

 

I've also tried restarting the server

 

thanks

I figured it out I just wasn't getting the scripts right

 

I now have it set up the way I wanted I Think

Share this post


Link to post
Share on other sites

Ok :D

 

regarding Slimftpd?

 

Is there a way to make the passwords (and perhaps usernames) Case sensitive

 

that would improve security

 

thanks

 

BTW Slimftpd has solved all of our publishing and remote access issues everyone with a site has been able to access their site either with a publisher NVU or front page or through an FTP Client.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...