Home Web Server: Security: Difference between revisions
m
Reverted edits by Upazixorys (Talk); changed back to last version by Ric
Upazixorys (talk | contribs) No edit summary |
m (Reverted edits by Upazixorys (Talk); changed back to last version by Ric) |
||
Line 1: | Line 1: | ||
<span id="top"></span> | |||
<div style="padding:0;margin:0; border-bottom:3px inset #000000"> | |||
{| | {| | ||
| [[Image:uc_small_logo.gif | MPG UniCenter]] || | | [[Image:uc_small_logo.gif | MPG UniCenter]] || | ||
Line 15: | Line 14: | ||
[[Home Web Server: Known Problems | Problems]] | [[Home Web Server: Known Problems | Problems]] | ||
|} | |} | ||
</div> | |||
{| cellpadding= | {| cellpadding="2" | ||
| | | | ||
__TOC__ | __TOC__ | ||
|| | || | ||
'''Set MySQL password''' | '''Set MySQL password'''<br>'''Home Web Server Uniform Server 3.5-Apollo.''' | ||
|} | |} | ||
Uniform server has a number of security features accessible and set from '''apanel'''. The server default installation is a total lock down for local access only, denying any external access. To put the servers on-line you need to disable this feature. | Uniform server has a number of security features accessible and set from '''apanel'''. The server default installation is a total lock down for local access only, denying any external access. To put the servers on-line you need to disable this feature. | ||
Line 35: | Line 34: | ||
{| | {| | ||
|- | |- | ||
|valign= | |valign="top" style="background:#f3f3f3"| | ||
{|cellpadding= | {|cellpadding="2" style="background:#f3f3f3" | ||
|- | |- | ||
|valign= | |valign="top"|1 ||Start the servers by double-clicking on '''Server_Start.bat''' (in folder Uniform Server) | ||
|- | |- | ||
|valign= | |valign="top"|2||Your browser will start and display '''apanel'''.<br>'''''Note'':''' You can run apanel at anytime by typing the following into your browser <nowiki>http://localhost/apanel/</nowiki> | ||
|- | |- | ||
|valign= | |valign="top"|3||'''A)''' With apanel displayed scroll down to the '''Configurations''' section of the left menu. Click '''MySQL Server Configuration''' at the bottom of this section. | ||
|- | |- | ||
|valign= | |valign="top"|4||'''B)''' The MySQL Server Configuration page is displayed. | ||
|- | |- | ||
|valign= | |valign="top"|5||'''C)''' Type in the '''''new''''' MySQL Password. | ||
|- | |- | ||
|valign= | |valign="top"|6||'''D)''' Click '''Change''' | ||
|- | |- | ||
|valign= | |valign="top"|7||Stop the servers by double-clicking on '''Stop.bat''' (in folder Uniform Server) | ||
|- | |- | ||
|valign= | |valign="top"|8||'''Note:''' The password will updated when the servers are re-started. | ||
|} | |} | ||
|width= | |width="10"| | ||
& | | ||
| | | | ||
[[Image:Uc_home_web_server_mysql_password.gif]] | [[Image:Uc_home_web_server_mysql_password.gif]] | ||
Line 77: | Line 76: | ||
The next command it looks for is '''Allow''', this modifies the deny command, however it is very specific and allows access only from port 127.0.01 (Localhost the PC that Apache is running on) | The next command it looks for is '''Allow''', this modifies the deny command, however it is very specific and allows access only from port 127.0.01 (Localhost the PC that Apache is running on) | ||
Apache’s sole task is to server pages unless instructed otherwise. Delete the above lines and your servers are placed on-line. However it is normal practice not to delete these lines but to convert them into comments that are ignored by Apache. A command is converted into a comment by placing a crosshatch symbol ''' | Apache’s sole task is to server pages unless instructed otherwise. Delete the above lines and your servers are placed on-line. However it is normal practice not to delete these lines but to convert them into comments that are ignored by Apache. A command is converted into a comment by placing a crosshatch symbol '''<nowiki>#</nowiki>''' at the beginning of the line. | ||
=== .htaccess === | === .htaccess === | ||
To put your servers on-line open the file '''.htaccess''' in folder '''C:\uniserver\Uniform Server\udrive\www''' in a text editor such as NotePad and comment the lines as shown: | To put your servers on-line open the file '''.htaccess''' in folder '''C:\uniserver\Uniform Server\udrive\www''' in a text editor such as NotePad and comment the lines as shown: | ||
{| cellpadding= | {| cellpadding="8" cellspacing="1" style="background:#000000;" | ||
|style= | |style="background:#f5f5f5;"| | ||
<nowiki>#</nowiki> This file provides security to the server limiting access to the localhost only.<br> | |||
<nowiki>#</nowiki> Comment to deactivate. | |||
''' | '''<nowiki>#</nowiki>Order Deny,Allow'''<br> | ||
''' | '''<nowiki>#</nowiki>Deny from all'''<br> | ||
''' | '''<nowiki>#</nowiki>Allow from 127.0.0.1''' | ||
<nowiki>#</nowiki> To disallow execution of cgi scripts in this directory comment next two lines. | |||
AddHandler cgi-script .bat .exe .pl .cgi | AddHandler cgi-script .bat .exe .pl .cgi<br> | ||
Options +ExecCGI | Options +ExecCGI | ||
<nowiki>#--</nowiki><br> | |||
<nowiki>#</nowiki> Activate this to use the Admin Panel Feature!<br> | |||
<nowiki>#--</nowiki><br> | |||
<nowiki>#</nowiki> To lock Admin Panel, uncomment the next 4 lines.<br> | |||
<nowiki>#</nowiki> Defaults: Username - root; Password - root | |||
<nowiki>#</nowiki>AuthName "Uniform Server - Admin Panel 2.0"<br> | |||
<nowiki>#</nowiki>AuthType Basic<br> | |||
<nowiki>#</nowiki>AuthUserFile /htpasswd/home/admin/www/.htpasswd<br> | |||
<nowiki>#</nowiki>Require valid-user | |||
|} | |} | ||