/adei/trunk : contents of docs/security.txt at revision 512

: (revision 512)

To get this branch, use:

bzr branch
http://darksoft.org/webbzr/adei/trunk

Sample security configuration for apache:

    <Location /adei-katrin/>
        SetEnvIf REQUEST_URI ^ ADEI_SECURITY 1
        SetEnvIf REMOTE_ADDR 141.52.64.104 ADEI_ADMIN=1
#       SetEnvIf REMOTE_ADDR 141.52.64.104 ADEI_CONTROL=1
    </Location>
    <Location /adei-katrin/admin/>
	Order		deny,allow
	Deny		from all

        AuthType        Basic
        AuthName        "ADEI/Admin Authentication"
        AuthBasicProvider file
        AuthUserFile    /srv/auth/katrin.passwd
        Require         valid-user
        Satisfy         Any
    </Location>
    <Location /adei-katrin/services/control.php>
	Order		deny,allow
	Deny		from all

        AuthType        Basic
        AuthName        "ADEI/Control Authentication"
        AuthBasicProvider file
        AuthUserFile    /srv/auth/katrin.passwd
        Require         valid-user
        Satisfy         Any

        SetEnvIf REQUEST_URI ^ ADEI_USERAUTH=1
    </Location>

436 by Suren A. Chilingaryan Remove hardcoded-security and replace it with one based on environmental variables	1	Sample security configuration for apache:
	2
	3	<Location /adei-katrin/>
	4	SetEnvIf REQUEST_URI ^ ADEI_SECURITY 1
	5	SetEnvIf REMOTE_ADDR 141.52.64.104 ADEI_ADMIN=1
	6	# SetEnvIf REMOTE_ADDR 141.52.64.104 ADEI_CONTROL=1
	7	</Location>
	8	<Location /adei-katrin/admin/>
456 by Suren A. Chilingaryan Docs and scripts	9	Order deny,allow
	10	Deny from all
	11
436 by Suren A. Chilingaryan Remove hardcoded-security and replace it with one based on environmental variables	12	AuthType Basic
	13	AuthName "ADEI/Admin Authentication"
	14	AuthBasicProvider file
	15	AuthUserFile /srv/auth/katrin.passwd
	16	Require valid-user
	17	Satisfy Any
	18	</Location>
	19	<Location /adei-katrin/services/control.php>
456 by Suren A. Chilingaryan Docs and scripts	20	Order deny,allow
	21	Deny from all
	22
436 by Suren A. Chilingaryan Remove hardcoded-security and replace it with one based on environmental variables	23	AuthType Basic
	24	AuthName "ADEI/Control Authentication"
	25	AuthBasicProvider file
	26	AuthUserFile /srv/auth/katrin.passwd
	27	Require valid-user
	28	Satisfy Any
	29
	30	SetEnvIf REQUEST_URI ^ ADEI_USERAUTH=1
	31	</Location>