5.0-Nano: Security features: Difference between revisions

no edit summary
mNo edit summary
No edit summary
Line 1: Line 1:
=[http://yhenaju.co.cc Under Construction! Please Visit Reserve Page. Page Will Be Available Shortly]=
{{Nav 5.0-Nano}}
{{Nav 5.0-Nano}}
'''Security features - Security Center'''
'''Security features - Security Center'''
Line 65: Line 66:
'''''[[#top | Top]]'''''
'''''[[#top | Top]]'''''
==== Local View ====
==== Local View ====
{| cellpadding="6" cellspacing="1" style="width:80%;background:#000000;"
{| cellpadding="6" cellspacing="1" style="width:80%;background:#000000;"
|-
|-
|style="background:#f5f5f5;"|
|style="background:#f5f5f5;"|
Due to the fact that some PC's have a different hostname set rather than localhost, we use the IP method here. This checks to make sure that you are viewing the Admin Panel (this) from local.
Due to the fact that some PC's have a different hostname set rather than localhost, we use the IP method here. This checks to make sure that you are viewing the Admin Panel (this) from local.
|}
|}
Line 75: Line 76:


==== PHP Safe Mode ====
==== PHP Safe Mode ====
{| cellpadding="6" cellspacing="1" style="width:80%;background:#000000;"
{| cellpadding="6" cellspacing="1" style="width:80%;background:#000000;"
|-
|-
|style="background:#f5f5f5;"|
|style="background:#f5f5f5;"|
This checks to see if PHP is running in SAFE MODE. Now, PHP does not have to run in SAFE MODE, but if you want the extra security, you can set it by clicking on the UNSECURE link.
This checks to see if PHP is running in SAFE MODE. Now, PHP does not have to run in SAFE MODE, but if you want the extra security, you can set it by clicking on the UNSECURE link.
|}
|}
Line 85: Line 86:


==== Admin Panel Access ====
==== Admin Panel Access ====
{| cellpadding="6" cellspacing="1" style="width:80%;background:#000000;"
{| cellpadding="6" cellspacing="1" style="width:80%;background:#000000;"
|-
|-
|style="background:#f5f5f5;"|
|style="background:#f5f5f5;"|
While this is another feature that is not throughly important as other features are in place against outside access to the Admin Panel, this checks to see if your Admin Panel is secured using the Auth method. Please change this by editing the C:/UniServer/home/admin/www/.htaccess file.
While this is another feature that is not throughly important as other features are in place against outside access to the Admin Panel, this checks to see if your Admin Panel is secured using the Auth method. Please change this by editing the C:/UniServer/home/admin/www/.htaccess file.
|}
|}
Line 99: Line 100:
{|
{|
|-
|-
|'''1)''' Locate these lines:|| ||'''2''') Uncomment the lines by removing the hash “#” as shown
|'''1)''' Locate these lines:|| ||'''2''') Uncomment the lines by removing the hash “#” as shown
|-
|-
|
|
<pre>
&lt;pre&gt;
#AuthName "Uniform Server - Admin Panel 2.0"
#AuthName &quot;Uniform Server - Admin Panel 2.0&quot;
#AuthType Basic
#AuthType Basic
#AuthUserFile C:/UniServer/htpasswd/home/admin/www/.htpasswd
#AuthUserFile C:/UniServer/htpasswd/home/admin/www/.htpasswd
#Require valid-user
#Require valid-user
</pre>
&lt;/pre&gt;
|
|
&nbsp;
&amp;nbsp;
|
|
<pre>
&lt;pre&gt;
AuthName "Uniform Server - Admin Panel 2.0"
AuthName &quot;Uniform Server - Admin Panel 2.0&quot;
AuthType Basic
AuthType Basic
AuthUserFile C:/UniServer/htpasswd/home/admin/www/.htpasswd
AuthUserFile C:/UniServer/htpasswd/home/admin/www/.htpasswd
Require valid-user
Require valid-user
</pre>
&lt;/pre&gt;
|}
|}
Now every time you access Apanel you need to enter a name and password.
Now every time you access Apanel you need to enter a name and password.
Line 141: Line 142:
{|
{|
|-
|-
|'''1)''' Locate these lines:||&nbsp;||'''2''') Disable local access only by commenting each line with an hash "#" as shown
|'''1)''' Locate these lines:||&amp;nbsp;||'''2''') Disable local access only by commenting each line with an hash &quot;#&quot; as shown
|-
|-
|
|
<pre>
&lt;pre&gt;
Order Deny,Allow
Order Deny,Allow
Deny from all
Deny from all
Allow from 127.0.0.1
Allow from 127.0.0.1
</pre>
&lt;/pre&gt;
|
|
&nbsp;
&amp;nbsp;
|
|
<pre>
&lt;pre&gt;
#Order Deny,Allow
#Order Deny,Allow
#Deny from all
#Deny from all
#Allow from 127.0.0.1
#Allow from 127.0.0.1
</pre>
&lt;/pre&gt;
|}
|}
'''''[[#top | Top]]'''''
'''''[[#top | Top]]'''''


==== Server Access ====
==== Server Access ====
{| cellpadding="6" cellspacing="1" style="width:80%;background:#000000;"
{| cellpadding=&quot;6&quot; cellspacing=&quot;1&quot; style=&quot;width:80%;background:#000000;&quot;
|-
|-
|style="background:#f5f5f5;"|
|style=&quot;background:#f5f5f5;&quot;|
If you are running your server in Production Mode, Skip this one. If not and you would like to add more security to the server by blocking it using the Auth method, then change this in by editing the C:/UniServer/www/.htaccess file.
If you are running your server in Production Mode, Skip this one. If not and you would like to add more security to the server by blocking it using the Auth method, then change this in by editing the C:/UniServer/www/.htaccess file.
|}
|}
Line 175: Line 176:
{|
{|
|-
|-
|'''1)''' Locate these lines:||&nbsp;||'''2''') Disable local access only by commenting each line with an hash "#" as shown
|'''1)''' Locate these lines:||&amp;nbsp;||'''2''') Disable local access only by commenting each line with an hash &quot;#&quot; as shown
|-
|-
|
|
<pre>
&lt;pre&gt;
Order Deny,Allow
Order Deny,Allow
Deny from all
Deny from all
Allow from 127.0.0.1
Allow from 127.0.0.1
</pre>
&lt;/pre&gt;
|
|
&nbsp;
&amp;nbsp;
|
|
<pre>
&lt;pre&gt;
#Order Deny,Allow
#Order Deny,Allow
#Deny from all
#Deny from all
#Allow from 127.0.0.1
#Allow from 127.0.0.1
</pre>
&lt;/pre&gt;
|}
|}


Line 204: Line 205:
{|
{|
|-
|-
|'''1)''' Locate these lines:||&nbsp;||'''2''') Uncomment the lines by removing the hash “#” as shown
|'''1)''' Locate these lines:||&amp;nbsp;||'''2''') Uncomment the lines by removing the hash “#” as shown
|-
|-
|
|
<pre>
&lt;pre&gt;
#AuthName "Uniform Server - Admin Panel 2.0"
#AuthName &quot;Uniform Server - Admin Panel 2.0&quot;
#AuthType Basic
#AuthType Basic
#AuthUserFile C:/UniServer/htpasswd/home/admin/www/.htpasswd
#AuthUserFile C:/UniServer/htpasswd/home/admin/www/.htpasswd
#Require valid-user
#Require valid-user
</pre>
&lt;/pre&gt;
|
|
&nbsp;
&amp;nbsp;
|
|
<pre>
&lt;pre&gt;
AuthName "Uniform Server - Admin Panel 2.0"
AuthName &quot;Uniform Server - Admin Panel 2.0&quot;
AuthType Basic
AuthType Basic
AuthUserFile C:/UniServer/htpasswd/home/admin/www/.htpasswd
AuthUserFile C:/UniServer/htpasswd/home/admin/www/.htpasswd
Require valid-user
Require valid-user
</pre>
&lt;/pre&gt;
|}
|}
Now every time a user browsers your server from either the Internet or Intranet is challenged for a name and password.
Now every time a user browsers your server from either the Internet or Intranet is challenged for a name and password.
Line 228: Line 229:


==== Server Access (SSL) ====
==== Server Access (SSL) ====
{| cellpadding="6" cellspacing="1" style="width:80%;background:#000000;"
{| cellpadding=&quot;6&quot; cellspacing=&quot;1&quot; style=&quot;width:80%;background:#000000;&quot;
|-
|-
|style="background:#f5f5f5;"|
|style=&quot;background:#f5f5f5;&quot;|
If you are running your server in Production Mode, Skip this one. If not and you would like to add more security to the server by blocking it using the Auth method, then change this in by editing the C:/UniServer/ssl/.htaccess file.  
If you are running your server in Production Mode, Skip this one. If not and you would like to add more security to the server by blocking it using the Auth method, then change this in by editing the C:/UniServer/ssl/.htaccess file.  
|}
|}
Line 242: Line 243:
{|
{|
|-
|-
|'''1)''' Locate these lines:||&nbsp;||'''2''') Disable local access only by commenting each line with an hash "#" as shown
|'''1)''' Locate these lines:||&amp;nbsp;||'''2''') Disable local access only by commenting each line with an hash &quot;#&quot; as shown
|-
|-
|
|
<pre>
&lt;pre&gt;
Order Deny,Allow
Order Deny,Allow
Deny from all
Deny from all
Allow from 127.0.0.1
Allow from 127.0.0.1
</pre>
&lt;/pre&gt;
|
|
&nbsp;
&amp;nbsp;
|
|
<pre>
&lt;pre&gt;
#Order Deny,Allow
#Order Deny,Allow
#Deny from all
#Deny from all
#Allow from 127.0.0.1
#Allow from 127.0.0.1
</pre>
&lt;/pre&gt;
|}
|}
'''''Note'':''' No need to restart the server changes are Automatically picked up by Apache.
'''''Note'':''' No need to restart the server changes are Automatically picked up by Apache.
Line 269: Line 270:
{|
{|
|-
|-
|'''1)''' Locate these lines:||&nbsp;||'''2''') Uncomment the lines by removing the hash “#” as shown
|'''1)''' Locate these lines:||&amp;nbsp;||'''2''') Uncomment the lines by removing the hash “#” as shown
|-
|-
|
|
<pre>
&lt;pre&gt;
#AuthName "Uniform Server - Admin Panel 2.0"
#AuthName &quot;Uniform Server - Admin Panel 2.0&quot;
#AuthType Basic
#AuthType Basic
#AuthUserFile C:/UniServer/htpasswd/home/admin/www/.htpasswd
#AuthUserFile C:/UniServer/htpasswd/home/admin/www/.htpasswd
#Require valid-user
#Require valid-user
</pre>
&lt;/pre&gt;
|
|
&nbsp;
&amp;nbsp;
|
|
<pre>
&lt;pre&gt;
AuthName "Uniform Server - Admin Panel 2.0"
AuthName &quot;Uniform Server - Admin Panel 2.0&quot;
AuthType Basic
AuthType Basic
AuthUserFile C:/UniServer/htpasswd/home/admin/www/.htpasswd
AuthUserFile C:/UniServer/htpasswd/home/admin/www/.htpasswd
Require valid-user
Require valid-user
</pre>
&lt;/pre&gt;
|}
|}
Now every time a user browsers your server from either the Internet or Intranet is challanged for a name and password.
Now every time a user browsers your server from either the Internet or Intranet is challanged for a name and password.
322

edits