The following warnings occurred:
Warning [2] count(): Parameter must be an array or an object that implements Countable - Line: 906 - File: showthread.php PHP 7.2.34 (Linux)
File Line Function
/showthread.php 906 errorHandler->error



Thank you for your donation!


Cloudsmith graciously provides open-source package management and distribution for our project.


Instruction Guide Modding moOde: restrict access to config pages
#1
Hello,

as I am using moOde in an environment, were others can use it to play their music, I added restricted access by editing nginx.conf (/etc/nginx/nginx.con)

Just change:

Code:
##
    # moOde UI server
    ##

    server {
        listen 80;
        server_name media07.knoeferl.de;

        location / {
            root /var/www;
            index index.html index.php;
            try_files $uri $uri/ /coverart.php;
        }

        location /cssw/ {
            root /var/local/www;
        }
        location /imagesw/ {
            root /var/local/www;
        }
        location /jsw/ {
            root /var/local/www;
        }
        location /templatesw/ {
            root /var/local/www;
        }

        # php-fpm
        location ~ \.php$ {
            root /var/www;
            fastcgi_pass unix:/run/php/php7.0-fpm.sock;
            fastcgi_index index.php;
            fastcgi_param SCRIPT_FILENAME $request_filename;
            include fastcgi_params;
        }
    }

to:

Code:
##
    # moOde UI server
    ##

    server {
        listen 80;
        server_name media07.knoeferl.de;

        location / {
            root /var/www;
            index index.html index.php;
            try_files $uri $uri/ /coverart.php;
        }

        location /cssw/ {
            root /var/local/www;
        }
        location /imagesw/ {
            root /var/local/www;
        }
        location /jsw/ {
            root /var/local/www;
        }
        location /templatesw/ {
            root /var/local/www;
        }

        # php-fpm
        location ~ \.php$ {
            root /var/www;
            fastcgi_pass unix:/run/php/php7.0-fpm.sock;
            fastcgi_index index.php;
            fastcgi_param SCRIPT_FILENAME $request_filename;
            include fastcgi_params;
        
        
            # php-fpm restricted pages
            location ~ /(apl|blu|chp|eqg|eqp|mpd|net|sel|snd|sqe|src|sys|upp)\-config.php$ {
                root /var/www;
                satisfy any;
                allow 192.168.10.0/24;
                deny all;
                auth_basic "Konfigurationsbereich";
                auth_basic_user_file /etc/nginx/htpasswd;
                fastcgi_pass unix:/run/php/php7.0-fpm.sock;
                fastcgi_param SCRIPT_FILENAME $request_filename;
                include fastcgi_params;
            }
        }
    }


so that all *-config.php pages are password protected.

You need a password file (/etc/nginx/htpasswd) which can easily be generated online (e.g. here)
In my case I have a public and a private net (192.168.10.x) - this is excluded from password protection - this entry can be left out, if not necessary.

Best regards
Hans
Reply


Messages In This Thread
Modding moOde: restrict access to config pages - by Highsider - 07-22-2018, 02:05 PM

Forum Jump: