Open main menu

CDOT Wiki β

Changes

OPS335 Lab 5

92 bytes added, 10:34, 3 March 2017
Controlling Access to Pages
There are many common-sense safeguards, such as creating an index.html file in your default directory that will display a webpage instead of the directory index. On the other hand, there are also safeguards that you can setup to provide additional protection to your data on your web server.
'''Perform the following steps:'''
*Now, as # As the root user on your gateway/host, try to forward incoming http connections that arrive on your host to the web server on vm1. Use an iptables command something like this:<prebr><source>iptables -t nat -A PREROUTING -i *yourinterface* -p tcp --dport 80 -j DNAT --to 192.168.X.2</presource>*# You will also need to create a rule in the FORWARD chain in the default table to accept connections to port 80.*# To test this setup you'll need to ask a classmate on another PC to try to use a browser to view your web page. S/he'll That person will have to enter your host's external interface IP number in their browser's address window.*Have them that person view both '''index.html ''' and '''index.php'''*create # Create a new directory inside your '''DocumentRoot''' and move index.php inside it.*# Have your partner view both files again.*We <br><br>You will now modify the settings on the web-server to prevent machines outside our network from accessing the private directory.<br><br>*# Add the following directory statement to your apache configuration (making sure to replace the X with your own network octet):<pre>
<Directory "/var/www/html/private">
AllowOverride None
</Directory>
</pre>
*This sets up separate rules and access permissions for that subdirectory.*Your partner should no longer be able to access any pages in the private directory (or any sub-directories of it), but your other internal machines (including your host) should still have access.
=== Install, Configure and Run MySQL Database Server ===
13,420
edits