[mythtv-users] Friendly Messenger stating that "YOUR MYTHWEB IS INSECURE"

Michael Lynch lynchmv at gmail.com
Sat Feb 9 20:20:17 UTC 2008


On Feb 9, 2008 3:10 PM, Chris Everest <chriseverest at gmail.com> wrote:
> Hello to everyone on the list.  I recently noticed while checking my
> upcoming recordings that channel 10's name was recently changed to "YOUR
> MYTHWEB IS INSECURE".  So I first want to thank whomever sent this friendly
> message.  First, my specific thanks go for not destroying my entire system
> and second my thanks go to being smart enough to change the channel name on
> one of my upcoming recording (so that I would notice it).
>
> So now on to the problem.  I think we are secure now, so whomever you are,
> you may try again to test my setup if you haven't already.  I'm not going to
> provide the url for obvious reasons.  I use an apache proxy at my internet
> gateway machine to forward requests into the local network.  Mythweb is one
> of those proxied local machines.  Here's where my insecurity came from.  The
> below config for proxy seems to be the secure method.  What I was trying to
> accomplish was securing only the mythweb proxy by using  <Proxy /mythweb>
> rather than <Proxy *> to define the auth method.  Why can't I use auth only
> for the mythweb portion?  It seems that I have to auth all proxies to use
> security properly.  I am pretty well versed in most apache config, so this
> one has stumped me.  I suppose that I'll get on the apache list too, but
> this was myth specific enough to talk to the group.
>
> <IfModule mod_proxy.c>
> ProxyRequests Off
>
> <Proxy *>
> #<Proxy /mythweb> didn't work, i.e. didn't prompt for auth
>     Order deny,allow
>     Allow from all
>     AuthType Digest
>      AuthName "MythWeb"
>     AuthUserFile /var/www/htpasswd.mythweb
>     Require user <proper list of users>
> </Proxy>
>
> ProxyPass /pitchfork http://localserver1/pitchfork
>  ProxyPassReverse /pitchfork http://localserver1/pitchfork
>
> ProxyPass /mythweb http://mymythbox/mythweb
> ProxyPassReverse /mythweb  http://mymythbox/mythweb
>
> ProxyPass /dp http://localserver1/dp
> ProxyPassReverse /dp  http://localserver1/dp
>
> ProxyVia Full
>
> </IfModule>
> # End of proxy directives.
>
>
> --
> Chris Everest
>

Well, curiosity got the best of me.  I'm pretty sure I found your box
in question (highlight, right click, search google for) and it's now
prompting for a password.


More information about the mythtv-users mailing list