From mboxrd@z Thu Jan 1 00:00:00 1970 From: Peter =?utf-8?q?M=C3=BCller?= To: development@lists.ipfire.org Subject: [PATCH] also force TLS when requiring user authentication in WebUI Date: Wed, 11 Oct 2017 18:30:50 +0200 Message-ID: <20171011183050.0c7682dd.peter.mueller@link38.eu> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============8488487555246528296==" List-Id: --===============8488487555246528296== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Force TLS _and_ a valid login when accessing protected directories. Signed-off-by: Peter M=C3=BCller --- config/httpd/vhosts.d/ipfire-interface-ssl.conf | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/config/httpd/vhosts.d/ipfire-interface-ssl.conf b/config/httpd/v= hosts.d/ipfire-interface-ssl.conf index e9ad26a96..816b9e637 100644 --- a/config/httpd/vhosts.d/ipfire-interface-ssl.conf +++ b/config/httpd/vhosts.d/ipfire-interface-ssl.conf @@ -23,7 +23,10 @@ AuthName "IPFire - Restricted" AuthType Basic AuthUserFile /var/ipfire/auth/users - Require user admin + + Require user admin + Require ssl + ScriptAlias /cgi-bin/ /srv/web/ipfire/cgi-bin/ @@ -32,7 +35,10 @@ AuthName "IPFire - Restricted" AuthType Basic AuthUserFile /var/ipfire/auth/users - Require user admin + + Require user admin + Require ssl + Require all granted @@ -74,6 +80,9 @@ AuthName "IPFire - Restricted" AuthType Basic AuthUserFile /var/ipfire/auth/users - Require user admin + + Require user admin + Require ssl + --=20 2.13.6 --===============8488487555246528296==--