[hobbit] Securing Hobbit from visitors

Ben azlobo73 at gmail.com
Wed Mar 12 06:44:28 CET 2008


PS: We're running LAMP stack Apache 2.0 should it make a difference.

On Tue, Mar 11, 2008 at 10:39 PM, Ben <azlobo73 at gmail.com> wrote:
> We don't have ours open (in fact very we keep access as limited in
>  scope as is necessary; in our environment we can so we do - thank
>  goodness for socks5 and ssh), but a little time testing yields answers
>  for the auth question.
>
>  Set the same realm (AuthName directive) and password auth file(s)
>  (AuthUserFile and optionally AuthGroupFile if using groups -
>  recommended for multiple users so you can give everyone their own
>  accounts, manage them simply via group management, and safely revoke
>  access when needed) in all three locations.  That will do the trick
>  (Tested via Firefox, Opera, and Epiphany).  Even setting the same
>  password file(s) should be sufficient most of the time.  I even can
>  create the same user/pass credentials in separate password files and
>  login only once to access all three locations.
>
>  Ben
>
>
>
>  On Tue, Mar 11, 2008 at 9:58 PM, Josh Luthman
>  <josh at imaginenetworksllc.com> wrote:
>  > I am curious to see how the crew here on the mailing list secures their
>  > Hobbit from the outside world.  I need to have the WWW pages visible from
>  > every IP but only from certain people, therefor I need to use users and
>  > passwords.  Our Hobbitmon is viewed via cell phones and computers (IE and
>  > Firefox) and protected by an HTTP(S) login currently.  The problem is that
>  > with three different Directory statements in httpd.conf, you need to login
>  > three times every time you restart Firefox.
>  >
>  > Also, how many businesses have Hobbitmon wide open for the viewing, such as
>  > Henrik's demo, if any?
>  >
>  > --
>  > Josh Luthman
>  > Office: 937-552-2340
>  > Direct: 937-552-2343
>  > 1100 Wayne St
>  > Suite 1337
>  >  Troy, OH 45373
>  >
>  > Those who don't understand UNIX are condemned to reinvent it, poorly.
>  > --- Henry Spencer
>



More information about the Xymon mailing list