[mythtv-users] Locking down mythweb to local only - Best place for Require local
Peter Bennett
cats22 at comcast.net
Wed Oct 4 19:32:04 UTC 2017
On 10/04/2017 02:19 PM, Ian Evans wrote:
> I haven't really used apache much, run my site on nginx, so I'm just
> trying to secure mythweb (and eventually zoneminder and phpmyadmin
> when I install them) to be local access only so I can tunnel in via ssh.
>
> From my Googling I thought this would work in the myhtweb.conf:
>
> <Directory "/var/www/html/mythweb" >
>
> ############################################################################
> # I *strongly* urge you to turn on authentication for MythWeb. It
> is disabled
> # by default because it requires you to set up your own password
> file. Please
> # see the man page for htdigest and then configure the following
> four directives
> # to suit your authentication needs.
> #
> AuthType Digest
> AuthName "MythTV"
> AuthUserFile /etc/mythtv/htdigest
> Require valid-user
> BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On
> Require local
> Satisfy all
>
> Etc.
>
> But after restarting apache I'm still able to access mythweb from a
> computer outside localhost.
>
> Any ideas? Thanks.
>
>
This is what I use
require ip 127.0.0.1 192.168.0.0/16
You will need to adjust 192.168.0.0/16 if your router is allocating
different ip address range
This excludes all access from outside of my own local network.
If you only want access from localhost
require ip 127.0.0.1
Peter
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mythtv.org/pipermail/mythtv-users/attachments/20171004/68152946/attachment.html>
More information about the mythtv-users
mailing list