Novell Cool Solutions

How to Edit the ApacheAdmin Configuration File to Protect Against Possible Security Vulnerability on NetWare 6.5



By:

February 3, 2009 12:03 pm

Reads:4,192

Comments:0

Score:4

Print/PDF

TID 7001907 gives details about a potential security vulnerability with Apache, or more specifically ApacheAdmin, on NetWare 6.5 after you”ve installed an OES2 Linux server into the same tree.

However there seems to (currently) be some ambiguity about the actual cause and suggested fix.

Whilst you can use FILTCFG to restrict access to port 2200 (see my other article) this might be too restrictive since other services also use port 2200.

Fortunately it’s possible to modify the Apache configuration file that is used to configure ApacheAdmin on a NetWare server.

  1. edit sys:/adminsrv/webapps/apacheadmin/web-inf/apadmin-apache.conf
  2. find the <Directory "SYS:/adminsrv/webapps/apacheadmin"> section
  3. change Allow from all to Allow from network/netmask where network/netmask is the network you want to allow access from
Note: If you want to allow access from more than one network/netmask just add additional Allow from … lines.
1 vote, average: 4.00 out of 51 vote, average: 4.00 out of 51 vote, average: 4.00 out of 51 vote, average: 4.00 out of 51 vote, average: 4.00 out of 5 (1 votes, average: 4.00 out of 5)
You need to be a registered member to rate this post.
Loading...Loading...

Categories: Uncategorized

0

Disclaimer: This content is not supported by Novell. It was contributed by a community member and is published "as is." It seems to have worked for at least one person, and might work for you. But please be sure to test it thoroughly before using it in a production environment.

Comment

RSS