Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Restrict lightsquid reports access.

    Scheduled Pinned Locked Moved pfSense Packages
    6 Posts 2 Posters 3.7k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      cylent
      last edited by

      i;ve done the following to stop users from directly accessing lightsquid reports (which i believe should have the option to allow only admins authenticated to the web admin panel to start with).

      I've created an .htaccess file as well as a .htpasswd file in the directory of /usr/local/www/lightsquid

      .htaccess file:
      AuthType Basic
      AuthName "Restricted Area"
      AuthUserFile /usr/local/www/lightsquid
      Require valid-user

      Options FollowSymLinks ExecCGI
      DirectoryIndex index.cgi

      and the .htpasswd file

      admin:$apr1$bHlTYU/j$slUMioRAnDJSZxAgjGk2U0

      now first question is:
      is the above correct to force the browser to have to authenticate the user who tries to access lightsquid reports?
      also, i've restart web configurator and it still doesnt work.

      please help

      1 Reply Last reply Reply Quote 0
      • C
        cylent
        last edited by

        can anyone please help me with this ? this is sooo important for me.

        i've noticed that lightsquid doesn't have its own httpd server and thus relies on the same one pfsense uses to present the webconfiguration.

        1 Reply Last reply Reply Quote 0
        • marcellocM
          marcelloc
          last edited by

          cylent,

          There is a post on this forum with some lightsquid hacks to include pfsense auth, try to search it.

          Are you testing sarg as well? If so, latest version 0.5 has no direct access to reports and a pfsense sarg gui permission option to restrict/allow users.

          att,
          Marcello Coutinho

          Treinamentos de Elite: http://sys-squad.com

          Help a community developer! ;D

          1 Reply Last reply Reply Quote 0
          • C
            cylent
            last edited by

            no not testing sarg. running on plain (2.0.1-RELEASE (i386) built on Mon Dec 12 17:53:52 EST 2011)

            i've found another posting on the forum that suggests restricting the whole subnet from accessing the webgui port … although a workaround its still not a solution for lightsquid only.

            i cant for the life of me understand why the example for .htaccess doesnt work?

            1 Reply Last reply Reply Quote 0
            • C
              cylent
              last edited by

              still no joy on this.

              anybody else wanna attempt at helping me, please?

              1 Reply Last reply Reply Quote 0
              • marcellocM
                marcelloc
                last edited by

                I think you have to configure it on lighthttp.conf file instead of .htaccess
                http://blog.lighttpd.net/articles/2005/11/25/simplify-your-configfiles-with-includes
                http://redmine.lighttpd.net/projects/lighttpd/repository/entry/branches/lighttpd-1.4.x/doc/config/lighttpd.conf

                If it's not an old post, this may help too
                http://forums.digitalpoint.com/showthread.php?t=2320797

                Treinamentos de Elite: http://sys-squad.com

                Help a community developer! ;D

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.