[Date Prev][Date Next][Thread Prev][Thread Next][Minivend by date
][Minivend by thread
]
Re: Suggestion for MiniMate security
I'm going to add this section to the MiniMate documentation:
Access Control with Apache
==========================
First configure Apache to deny access to the MiniMate pages without a
password:
<LocationMatch /cgi-bin/simple/+(admin/config)>
AuthType Basic
AuthUserFile /home/minivend/users
AuthName "MiniVend Administration"
require valid-user
</LocationMatch>
The plus sign is necessary to protect against access with the URL `
/cgi-bin/simple//config/menu.html'. Enter the user name of the shop owner in
the catalog configuration file `catalog.cfg':
RemoteUser minivend
For access to the MiniMate pages by the shop owner create empty files named `
.access' in the directories `config' and `admin':
racke@linuxia.de:~ > rm -f /home/minivend/lib/MiniMate/pages/config/.access
racke@linuxia.de:~ > touch /home/minivend/lib/MiniMate/pages/config/.access
racke@linuxia.de:~ > rm -f /home/minivend/lib/MiniMate/pages/admin/.access
racke@linuxia.de:~ > touch /home/minivend/lib/MiniMate/pages/admin/.access
Create files named `.access_gate' in the same directories to allow access by
the user authentified through Apache:
*: [perl arg="config" interpolate=1]
return 1 if $Safe{config}{RemoteUser} eq q{[data session user]};
return 0;
[/perl]
--
LinuXia - Solutions of Cool Competence - Internetprogramming and more
D-30163 Hannover, Waldstraße 4, 0511-3941290 (http://www.linuxia.de/)
Wir realisieren Onlineshops mit Minivend (http://www.minivend.com)
und MiniMate (http://www.linuxia.de/minimate/).
