reaching emoncms safe from www

Hi,

I have emoncms working on a local windows file-server.

Just thinking to make a port-forwarding on my router.

Doing this, I get access to my dashboards with: http://mydyndns.org/emoncms/dashboard/view

That's fine. But with this I am opening the wamp-server for the whole world (Who knows my dyndns-address)
Because with http://mydyndns.org you get access to the wampserver configuration page :-(
And this is to avoid!!!!

(mydyndns.org is only an example)

Any idea?

regards/brutzler

boelle's picture

Re: reaching emoncms safe from www

move everything in the root folder to a sub folder... or use an htaccess file to prevent access to the root folder

or make a redirect...

brutzler's picture

Re: reaching emoncms safe from www

>> use an htaccess file to prevent from accessing the root folder
>> or make a redirect...

Thx for tips. But never made something like that. Will have to ask google for more information.

Redirect: Sounds like I will lock out myself too, and will never get access to the wamp-server configuration page again?

Paul Reed's picture

Re: reaching emoncms safe from www

You need to change the Port number used by your router to access the configuration page, so to access your config page you will add the port number to the private IP address of your router.

I added some info about this in my blog, but it will depend which router you are using, but it may help.

Paul

 

boelle's picture

Re: reaching emoncms safe from www

his issue is that the config page is located on port 80 like everything else, but in the root folder for the web server...

so he will have to put an htaccess in the root folder that asks for a user/pass combo on the root folder but not on any sub folders...

in that way if he just goes in the root folder it will ask for pass, but if anyone enters /emoncms it will not ask for this

 

 

Paul Reed's picture

Re: reaching emoncms safe from www

....his issue is that the config page is located on port 80 like everything else, but in the root folder for the web server...

Yes, that is correct, but if the config page is moved to an unused port, and accessed via the private IP address, eg 192.168.1.8:8080 - this then frees up the website root to be used as a landing page, blog or whatever is wanted.

Using htaccess is not very welcoming for visitors, whilst changing the config port makes it invisible.

Paul

brutzler's picture

Re: reaching emoncms safe from www

...but if the config page is moved to an unused port...

ok, but how can I change the config page to another port, and tell the webserver to show a different page on the normal port?

Further steps (config my router) should not be the big problem :-)

 

EDIT:

I know: editing /apache2.4.9/conf/httpd.conf to another port (Listen-command) can change the config-page to a different port.
I changed this:

>> Listen 0.0.0.0:85
>> Listen [::0]:85

and with 192.168.1.80:85 I get the config-page.

But emoncms needs now the same port: 192.168.1.80:85/emoncms

How to tell apache, that http://192.168.1.80/emoncms/... is to be reached by e.g. port 8080?

 

Paul Reed's picture

Re: reaching emoncms safe from www

Johann, I don't run a wampserver, but just read up a little on them tonight and found that in your root (www directory), you should have a index.php file (which serves your configuration page). If you rename it to something like myadminpage.php you will still be able to access your configuration by the url http://mysite.com/myadminpage.php (if you don't want anyone else to find it, change the file name to something really obscure).

Then, if you add a new index.php file, this will serve as your root landing page to serve whatever page you wish.

I've attached a simple index.php file if you wish to use it, just rename it from index.txt to index.php. OR alternatively, rename redirect.txt to index.php and use that one instead - it should redirect visitors to http://mysite.com/emoncms.

 

Paul

brutzler's picture

Re: reaching emoncms safe from www

Hi Paul,

thx for working out. Will try this evening.

I have read a lot last night too. Just found something about "vhost". Could this be another way to configure apache?

JD's picture

Re: reaching emoncms safe from www

The PageKite service is pretty interesting.  You can password protect access, as well as disable it completely when it's not needed.  https://pagekite.net

brutzler's picture

Re: reaching emoncms safe from www

@ Paul,

why did you score out one of your posts?

Paul Reed's picture

Re: reaching emoncms safe from www

It's just forum etiquette, because having now done a little research on wampservers, I don't think that my earlier suggestions were the best approach to resolve the issue which you reported, and by scoring out those suggestions I'll avoid confusing someone else who reads this in the future.

Have you had chance to try my last post?

Paul

brutzler's picture

Re: reaching emoncms safe from www

Hi Paul,

Just made some tries:
Your ideas are working as expected.
- Redirecting is working :-)
- Changing index.php to myadminpage shows the conf-page. But I had to make some changes in the php-script, because there were some references to "index.php" inside. These had to be renamed to the new filename to get the embedded gif-symbols.

BUT:
If somebody knows a little bit about wampserver and apache, he only has to type in: http://mysite.com/myphpadmin and he gets access to the mysql-database. In my case I have not set a root-pw on it until now.

Having more time, I will additionally have a look at the idea of boelle (htaccess). Perhaps a combination of both will be the solution.

I will report my results.
@ now: thx for your great ideas and help.

Paul Reed's picture

Re: reaching emoncms safe from www

That's good, however in my post above I suggested that if you want to make it secure, change the name to something really obscure - R5dm6Hp.php which nobody would know.
Then bookmark the page, so that you can easily get access in the future.

Of course if someone was network sniffing your traffic, they could find out the url, but how likely is that? Otherwise it should be fairly secure.

Paul

brutzler's picture

Re: reaching emoncms safe from www

I think I was not clear in my last post. And I made a mistake. It's not myphpadmin; it's called phpmyadmin (sorry)

I renamed index.php to myadminpage.php, and you are right, that I could use instead "myadminpage" a more obscure name.
But I talked about http://mysite.com/phpmyadmin. This is different and one of the standard wamp-aliases like phpsysinfo/sqlbuddy/webgrind/phpmyadmin.
And with these you get access to "non public" things.

But to be fair: I only tested this from inside until now.

Paul Reed's picture

Re: reaching emoncms safe from www

Yes, but doesn't phpMyAdmin have its own secure login via username/password built in?

Paul

brutzler's picture

Re: reaching emoncms safe from www

Just new infos:

These aliases are not reachable from outside, because there is e.g. a phpmyadmin.conf-file.
And in this, you can define "require local". This is default and does not allow access from outside.

--> No "easy" backdoor visible for me right now :-)
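An Apache 2.4 configuration sketch of the approach discussed in this thread, added here as an illustration and not posted by any participant: the web root (WampServer configuration page) stays limited with the same "Require local" rule the alias files use, while only the emoncms folder is opened to outside requests. The document root path c:/wamp/www and the 192.168.1 LAN prefix are assumptions; substitute your own.

```apache
# Added example. Assumed document root: c:/wamp/www (placeholder path).
# Goes in httpd.conf or a vhost file; restart Apache after editing.

# Web root: holds the WampServer configuration page (index.php).
# "Require local" only admits requests that originate on the server
# itself (127.0.0.0/8, ::1, or client address == server address).
<Directory "c:/wamp/www/">
    Options -Indexes +FollowSymLinks
    AllowOverride All
    Require local
    # Optional: also admit machines on the home LAN (assumed prefix).
    # Several Require lines at this level are OR-ed together.
    Require ip 192.168.1
</Directory>

# emoncms: the one folder meant to be reachable through the router's
# port forward. In Apache 2.4 the Require lines of a more specific
# <Directory> section replace those of the enclosing one (AuthMerging
# defaults to Off), so this does not inherit the restriction above.
<Directory "c:/wamp/www/emoncms/">
    Require all granted
</Directory>

# The WampServer aliases (phpmyadmin, sqlbuddy, phpsysinfo, webgrind)
# are configured in their own .conf files; leave their "Require local"
# line unchanged so they stay closed to outside requests.
```

With this in place a request from outside for http://mydyndns.org/ gets 403 Forbidden, while http://mydyndns.org/emoncms/ is served; setting a MySQL root password remains a separate step.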

Paul Reed's picture

Re: reaching emoncms safe from www

Same here, and then via username/password.

Paul

brutzler's picture

Re: reaching emoncms safe from www

I am not asked for username/pw.
Guess cause of setting no root-password
 
