[mythtv-users] Friendly Messenger stating that "YOUR MYTHWEB IS INSECURE"
Michael Lynch
lynchmv at gmail.com
Sat Feb 9 20:20:17 UTC 2008
On Feb 9, 2008 3:10 PM, Chris Everest <chriseverest at gmail.com> wrote:
> Hello to everyone on the list. I recently noticed while checking my
> upcoming recordings that channel 10's name was recently changed to "YOUR
> MYTHWEB IS INSECURE". So I first want to thank whomever sent this friendly
> message. First, my specific thanks go for not destroying my entire system
> and second my thanks go to being smart enough to change the channel name on
> one of my upcoming recording (so that I would notice it).
>
> So now on to the problem. I think we are secure now, so whomever you are,
> you may try again to test my setup if you haven't already. I'm not going to
> provide the url for obvious reasons. I use an apache proxy at my internet
> gateway machine to forward requests into the local network. Mythweb is one
> of those proxied local machines. Here's where my insecurity came from. The
> below config for proxy seems to be the secure method. What I was trying to
> accomplish was securing only the mythweb proxy by using <Proxy /mythweb>
> rather than <Proxy *> to define the auth method. Why can't I use auth only
> for the mythweb portion? It seems that I have to auth all proxies to use
> security properly. I am pretty well versed in most apache config, so this
> one has stumped me. I suppose that I'll get on the apache list too, but
> this was myth specific enough to talk to the group.
>
> <IfModule mod_proxy.c>
> ProxyRequests Off
>
> <Proxy *>
> #<Proxy /mythweb> didn't work, i.e. didn't prompt for auth
> Order deny,allow
> Allow from all
> AuthType Digest
> AuthName "MythWeb"
> AuthUserFile /var/www/htpasswd.mythweb
> Require user <proper list of users>
> </Proxy>
>
> ProxyPass /pitchfork http://localserver1/pitchfork
> ProxyPassReverse /pitchfork http://localserver1/pitchfork
>
> ProxyPass /mythweb http://mymythbox/mythweb
> ProxyPassReverse /mythweb http://mymythbox/mythweb
>
> ProxyPass /dp http://localserver1/dp
> ProxyPassReverse /dp http://localserver1/dp
>
> ProxyVia Full
>
> </IfModule>
> # End of proxy directives.
>
>
> --
> Chris Everest
>
Well, curiosity got the best of me. I'm pretty sure I found your box
in question (highlight, right click, search google for) and it's now
prompting for a password.
More information about the mythtv-users
mailing list