Von's Ubuntu Experiences: Locking down the web server

Thursday, August 14, 2008

Locking down the web server

My next step was to lock down the web server to prevent any anonymous access.

First was to tweak /etc/apache2/apache2.conf (see this previous post for more information:

<Directory /var/www/>
AuthType Basic
AuthName "Casey Web"
AuthUserFile /etc/apache2/basicauth
Require valid-user
</Directory>

Second, I tweaked mediawiki to not allow anonymous access to any page by editing /var/lib/mediawiki1.7/LocalSettings.php. I changed the following line:

$wgWhitelistRead = array ("Main Page", "Special:Userlogin", "Wikipedia:Help");

to:

$wgWhitelistRead = array ("Special:Userlogin");

No comments:

Post a Comment

What you will find here...

I'm running Ubuntu (actually now Mythbuntu) on a new PC for use as a MythTV server, VMWare host and general file and MP3 server for a couple Windows XP and MacOS laptops. I'm doing this on a Dell n series Optiplex 740, which I mention beause you can order one without windows pre-installed.

As I go this process, I thought I'd share my experiences (and record them so I can remember them) since although Ubuntu is nice, I'm still having to work through a number of non-trivial steps.

I'm fairly well versed in Unix and Windows. I'm assuming the reader has some expertise, so I'm not going into every little detail, just the stuff I think is not obvious. (One thing to note is that I run 'sudo -i' and then do everything in a root shell, so I don't prefix each root command with 'sudo'.)

Von's Ubuntu Experiences

Thursday, August 14, 2008

Locking down the web server

No comments:

Search This Blog

What you will find here...

Links

Label Cloud

Blog Archive

Von's Ubuntu Experiences

Thursday, August 14, 2008

Locking down the web server

No comments:

Search This Blog

What you will find here...

Links

Label Cloud

Blog Archive

Subscribe (RSS)