My ongoing experiences with Ubuntu, and later Mythbuntu, as a media center with MythTV. I'm also using the system for a virtual machine server, a mediawiki server and a general all around home infrastructure base.

Thursday, August 14, 2008

Locking down the web server

My next step was to lock down the web server to prevent any anonymous access.

First was to tweak /etc/apache2/apache2.conf (see this previous post for more information:


<Directory /var/www/>
AuthType Basic
AuthName "Casey Web"
AuthUserFile /etc/apache2/basicauth
Require valid-user
</Directory>


Second, I tweaked mediawiki to not allow anonymous access to any page by editing /var/lib/mediawiki1.7/LocalSettings.php. I changed the following line:

$wgWhitelistRead = array ("Main Page", "Special:Userlogin", "Wikipedia:Help");


to:

$wgWhitelistRead = array ("Special:Userlogin");
Post a Comment