Restrict Access to Administrator Pages

From WiDirect
Jump to: navigation, search

On some networks, more security might be required for the WiDirect Admin pages. In fact, it's recommended that this security measure be added anywhere there isn't tight security on the network.

The WiDirect admin page has built in security where three failed login attempts will lock out an IP address for 15 minutes. However, if needed, it is possible to disable admin login page attempts completely from the Mobile Network. In order to do this, SSH to the WiDirect and run this command.

sudo emacs /root/AWICP/www/portal/admin/.htaccess 

In this file add the following lines.

<Files *> 
order allow,deny 
allow from all 
deny from 10.8.1.0/24 
</Files>

Change the 10.8.1.0/24 to be the IP subnet range of your mobile network. Save and exit the emacs text editor by pressing Control-X followed by Control-C. Press y when asked to save.

Next open the web configuration file with this command:

sudo emacs /etc/httpd/conf/httpd.conf

Look for this section of the file:

<Directory "/var/www/html"> 
    Options Indexes FollowSymLinks 
    AllowOverride AuthConfig Limit 
    Order allow,deny 
    Allow from all 
</Directory> 

Change the line that reads “AllowOverride None” to be “AllowOverride AuthConfig Limit”. After making that change, exit the file and restart the Apache service by running this command:

sudo /sbin/service httpd restart