• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Lightsquid reports page has no protection

Scheduled Pinned Locked Moved pfSense Packages
8 Posts 2 Posters 3.0k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • C Offline
    cylent
    last edited by Jan 5, 2010, 7:12 AM

    is it possible to protect lightsquid reports with a password?

    i noticed if you goto http://<pfsenseip>/lightsquid/index.cgi you are immediately granted access.

    pls advise.</pfsenseip>

    1 Reply Last reply Reply Quote 0
    • C Offline
      cylent
      last edited by Jan 5, 2010, 9:12 PM

      anybody?

      i tried using .httaccess method but it simply isnt working.

      1 Reply Last reply Reply Quote 0
      • C Offline
        cylent
        last edited by Jan 18, 2010, 6:31 AM

        I find this to be a huge security hole because it bypasses admin for anybody on the lan that knows the correct URL …

        anybody want to help with this please?

        1 Reply Last reply Reply Quote 0
        • J Offline
          jalgaz
          last edited by Jan 18, 2010, 11:02 AM

          i think you can block access with rules to this ip

          JuanjoA
          Saludos

          –-----------------------------------
          saludos
          JuanjoA

          1 Reply Last reply Reply Quote 0
          • C Offline
            cylent
            last edited by Jan 18, 2010, 11:33 AM

            it would be nice if lightsquid had a port i can use to block with.

            1 Reply Last reply Reply Quote 0
            • C Offline
              cylent
              last edited by Jan 19, 2010, 8:56 AM

              and yet still no workable response from the pfsense devs.

              i realize lightsquid is an external package but as soon as its accepted into the pfsense package system then pfsense is responsible for it.

              1 Reply Last reply Reply Quote 0
              • J Offline
                jalgaz
                last edited by Jan 19, 2010, 10:18 AM

                i think this is  a bug.
                really, with rules i cant block the access to the page of lightsquid.

                I tried with squid and without squid, with same result, access garanted.

                it would be nice if lightsquid had a port i can use to block with.

                The gui use port 80 or 443 (http / https)

                JuanjoA

                –-----------------------------------
                saludos
                JuanjoA

                1 Reply Last reply Reply Quote 0
                • C Offline
                  cylent
                  last edited by Jan 19, 2010, 10:23 AM

                  so what you want me to block port 80 then?
                  i'd have to shift the webgui to another port…
                  :-[ :-[

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                    [[user:consent.lead]]
                    [[user:consent.not_received]]