The Piranha Configuration Tool prompts for a valid username and password combination. However, because all of the data passed to the Piranha Configuration Tool is in plain text, it is recommended that you restrict access only to trusted networks or to the local machine.

The easiest way to restrict access is to use the Apache HTTP Server's built-in access control mechanisms by editing /etc/sysconfig/ha/web/secure/.htaccess. After altering the file, you do not have to restart the piranha-gui service because the server checks the .htaccess file each time it accesses the directory.

By default, the access controls for this directory allow anyone to view the contents of the directory. Here is what the default access looks like:

    Order deny,allow
    Allow from all

To limit access to the Piranha Configuration Tool to only the localhost, change the .htaccess file to allow access from only the loopback device (127.0.0.1). For more information on the loopback device, see the chapter titled Network Scripts in the Red Hat Enterprise Linux Reference Guide.

    Order deny,allow
    Deny from all
    Allow from 127.0.0.1

You can also allow specific hosts or subnets as seen in this example:

    Order deny,allow
    Deny from all
    Allow from 192.168.1.100
    Allow from 172.16.57

In this example, only Web browsers from the machine with the IP address of 192.168.1.100 and machines on the 172.16.57/24 network can access the Piranha Configuration Tool.

Caution

Editing the Piranha Configuration Tool .htaccess file limits access to the configuration pages in the /etc/sysconfig/ha/web/secure/ directory but not to the login and the help pages in /etc/sysconfig/ha/web/. To limit access to this directory, create a .htaccess file in the /etc/sysconfig/ha/web/ directory with order, allow, and deny lines identical to /etc/sysconfig/ha/web/secure/.htaccess.
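
The Caution above, turned into a check (an added example, not part of the original documentation): the script compares the Order, Allow and Deny lines of the two .htaccess files and reports a missing file, a leftover "Allow from all", or rules that differ. The function names acl_lines and check_piranha_acl are hypothetical, and requiring a "Deny from all" line is an assumption taken from the restrictive examples on this page.

```shell
#!/bin/sh
# Added example: audit the two Piranha .htaccess files discussed on this page.
# Function names are hypothetical; pass the web root as the first argument.

# Print a file's Order/Allow/Deny directives, lowercased and with whitespace
# collapsed; comment lines (Apache only allows whole-line comments) are skipped.
acl_lines() {
    awk '/^[ \t]*#/ { next }
         { $1 = $1; line = tolower($0) }
         line ~ /^(order|allow|deny) / { print line }' "$1"
}

# Return 0 only if both files exist, both are restrictive, and they agree.
check_piranha_acl() {
    webroot=$1
    rc=0
    for f in "$webroot/.htaccess" "$webroot/secure/.htaccess"; do
        if [ ! -f "$f" ]; then
            echo "MISSING: $f"; rc=1
            continue
        fi
        acl=$(acl_lines "$f")
        # "Allow from all" is the default rule the page says to replace.
        if printf '%s\n' "$acl" | grep -qx 'allow from all'; then
            echo "OPEN: $f still contains 'Allow from all'"; rc=1
        fi
        # Assumption: like the page's examples, a restricted file starts from
        # "Deny from all"; otherwise Order deny,allow admits unmatched clients.
        if ! printf '%s\n' "$acl" | grep -qx 'deny from all'; then
            echo "OPEN: $f has no 'Deny from all'"; rc=1
        fi
    done
    if [ "$rc" -eq 0 ] && [ "$(acl_lines "$webroot/.htaccess")" != \
                            "$(acl_lines "$webroot/secure/.htaccess")" ]; then
        echo "MISMATCH: login/help pages and secure/ have different rules"; rc=1
    fi
    [ "$rc" -eq 0 ] && echo "OK: both directories share the same restrictive rules"
    return "$rc"
}

# Example: sh check_acl.sh /etc/sysconfig/ha/web
[ "$#" -eq 0 ] || check_piranha_acl "$1"
```

Because the server rereads .htaccess on every access, the check can be rerun immediately after each edit without restarting piranha-gui.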