Priority: Normal
Current State: Closed
Released In:
Target Release: n/a
The section 'Protect the bin/configure command' in the
ApacheConfigGenerator is not 100% perspicious:
I miss two radio buttons with the content: 'and' and 'or' so that if you specifiy a IP and a user name you have the choice that the config allow
- acces from the IP OR with the username
- acces from the IP AND with the username
So in case 1. the apache config has the entry
Satisfy Any
:
<FilesMatch "^(configure)$">
SetHandler cgi-script
Order Deny,Allow
Deny from all
Allow from localhost 192.168.0.123
Require user TobiasVonDerKrone
Satisfy Any
</FilesMatch>
and in case 2.
Satisfy All
:
<FilesMatch "^(configure)$">
SetHandler cgi-script
Order Deny,Allow
Deny from all
Allow from localhost 192.168.0.123
Require user TobiasVonDerKrone
Satisfy All
</FilesMatch>
Also the section is misspelled: there is
- 'Protect the bin/confgure command' but should
- 'Protect the bin/configure command'
--
TobiasVonDerKrone - 11 Dec 2009
Interestingly, these radio buttons have been part of the forementioned section since
GeorgeClark introduced it in
revision 35 of ApacheConfigGenerator (look for variable
REQANDOR
), but they are commented out.
Should we simply enable them and add a reference to
Support.ProtectingYourConfiguration above the
FilesMatch
block for further explanation?
--
MarkusUeberall - 11 Dec 2009
Enabling the button and adding a reference would be a great idea. If I can help testing (or something else) please let me know.
--
TobiasVonDerKrone - 11 Dec 2009
Ok, even on second thought, I couldn't come up with a reason not to include this as long as it's documented properly at both places (form above/generated configuration below). I'll have a look at this tonight; you could try to change it yourself and beat me to it, though (since this topic is self-contained w.rt.t. the code, you can alway create a (local) sandbox copy if you're unsure, but this should only take a minor edit)
--
MarkusUeberall - 11 Dec 2009
Changed
ApacheConfigGenerator and added an example to
ProtectingYourConfiguration
Please review.
--
TobiasVonDerKrone - 11 Dec 2009
Thanks for your input. I slightly modified both topics (shortening the examples under the first and inserting mentioned reference as well as adding an if clause under the second one) and tested all eight cases.
Closing this task.
--
MarkusUeberall - 11 Dec 2009