Coral: general access ssl
Root folder ssl - Access Creating a new server certificate for The Uniform Server automatically enables SSL in Apache's configuration file. You can now access your server using either http or https. The Uniform Server has a predefined folder (ssl root folder) that is reserved for https access. By default this folder is restricted to local access only. The following covers opening up your server for public or intranet access, and optionally restricting access using a name and password. |
|
Overview
UniController: Server Configuration > General > Root ssl - Change passwords and access
This menu is split into three sections as follows: 1) The top section allows you to change the access name and password; the defaults are set to root.
Note 1: Server access is controlled using an .htaccess file. This can be directly edited using Edit button K) |
Background information
There are three ways of restricting access to documents: either by IP address, hostname or by asking for a username and password. The first two are very similar and can be used to restrict access on an intranet. The last option allows users to be restricted on an individual basis using a username and password before being allowed access. This process is commonly referred to as user authentication. The Uniform Server can restrict access using both IP address and user authentication.
Setting up user authentication requires two steps. First you create a file containing a list of usernames and passwords. Secondly you specify what resources are to be protected and which users are allowed to access them. Setting up IP address access requires only server configuration. Server configuration uses an .htaccess file located in the folder it is protecting (root folder ssl). This allows configuration to take immediate effect and does not require a server restart.
Creating a password file
A list of users and passwords needs to be created in a file. For security, this file must be located outside of the document root. The Uniform Server is pre-configured and uses file: UniServer\htpasswd\ssl\.htpasswd
Edit or change password
Add name/password pair to list
|
Note: The menu provides a convenient way to enter names and passwords. You can edit the file UniServer\htpasswd\ssl\.htpasswd directly using an alternative text editor.
Enable or disable name password access
Server configuration uses an .htaccess file located in root folder UniServer\ssl. It is pre-configured for basic authentication, default is basic authentication disabled. Four lines (Apache directives) in this configuration file control authentication and are edited as follows:
Enable authentication
AuthName "Uniform Server - Secure Server Access" AuthType Basic AuthUserFile ../../../htpasswd/ssl/.htpasswd Require valid-user Disable authentication
#AuthName "Uniform Server - Secure Server Access" #AuthType Basic #AuthUserFile ../../../htpasswd/ssl/.htpasswd #Require valid-user |
|
Note: Menu provides a convenient way to enable or disable authentication.
Change Access
Server configuration uses an .htaccess file located in root folder UniServer\ssl. It is pre-configured to allow local access only. Four lines (Apache directives) control who can access to the server. These lines are edited as follows:
Local Access
Order Deny,Allow Deny from all Allow from 127.0.0.1 Allow from ::1 Local and Intranet Access
Order Deny,Allow Deny from all Allow from 127.0.0.1 192.168 Allow from ::1 Local, Intranet and Internet Access
#Order Deny,Allow #Deny from all #Allow from 127.0.0.1 #Allow from ::1 |
|
Deny from all. No one allowed access |
Note: The menu provides a convenient way to change and restrict access.