Original Question or Issue:
|
We have identified a vulnerability that requires immediate attention and remediation for the FileCloud hosting site.
Restrict access to the admin portal login page to approved IP address ranges.
|
Environment:
|
- Product - FileCloud Server
- Version - Any
- Platform -
|
Steps to Reproduce: |
|
Error or Log Message: |
|
Defect or Enhancement Number:
|
|
Cause: |
Externally Accessible Administration Portals - Identified as a vulnerability.
|
Resolution or Workaround:
|
- Stop Apache Server.
- Edit the following file, based on the OS on which FileCloud server is installed (adjust these paths for your environment).
  Windows | C:\xampp\apache\conf\extra\httpd-filecloud.conf
  Ubuntu | /etc/apache2/sites-enabled/000-default.conf
  RHEL | /etc/httpd/conf/httpd.conf
- Add the following lines to the configuration. On Windows, the lines can be added to the end of the file. On Linux, the lines need to be added inside the VirtualHost configuration:

    <Location /ui/admin2>
    Order deny,allow
    deny from all
    allow from 192.168.
    allow from 33.201.24.69
    </Location>
- Restart Apache after making this change. The admin UI will now be accessible only from subnet 192.168.x.x and IP 33.201.24.69.
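
To sanity-check a rule set like the one above before restarting Apache, the following added example (not FileCloud's own code) models how `Order deny,allow` evaluates the `/ui/admin2` block for a given client address. It assumes IPv4 clients and only the `from` forms `all`, full or partial addresses, and CIDR; the function names are hypothetical.

```python
import ipaddress
import re

# The block from this article, one directive per line.
CONF = """
<Location /ui/admin2>
Order deny,allow
deny from all
allow from 192.168.
allow from 33.201.24.69
</Location>
"""

def parse_location(conf, path):
    """Return (order, deny_specs, allow_specs) for the <Location path> block."""
    m = re.search(r"<Location\s+%s\s*>(.*?)</Location>" % re.escape(path), conf, re.S | re.I)
    if not m:
        raise ValueError("no <Location %s> block" % path)
    order, rules = None, {"deny": [], "allow": []}
    for line in m.group(1).splitlines():
        words = line.split()
        if len(words) == 2 and words[0].lower() == "order":
            order = words[1].lower()
        elif len(words) >= 3 and words[0].lower() in rules and words[1].lower() == "from":
            rules[words[0].lower()].extend(words[2:])
    return order, rules["deny"], rules["allow"]

def matches(spec, ip):
    """True if an IPv4 client address matches one 'from' spec."""
    if spec.lower() == "all":
        return True
    if "/" in spec:
        return ipaddress.ip_address(ip) in ipaddress.ip_network(spec, strict=False)
    want = spec.rstrip(".").split(".")
    # Partial addresses compare whole octets, so 192.168. never matches 192.16.8.1.
    return ip.split(".")[:len(want)] == want

def admin_allowed(conf, ip, path="/ui/admin2"):
    """Decide whether client ip may reach path under the parsed rules."""
    ipaddress.IPv4Address(ip)  # reject malformed input early
    order, deny, allow = parse_location(conf, path)
    if order != "deny,allow":
        raise ValueError("only 'Order deny,allow' is modelled here")
    denied = any(matches(s, ip) for s in deny)
    allowed = any(matches(s, ip) for s in allow)
    # Order deny,allow: a matching Allow overrides a Deny; no match at all means allowed.
    return allowed or not denied
```

Under this ordering a client that matches no directive is allowed, so omitting `deny from all` leaves the admin UI reachable from any address.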
|
Notes: |
Reference: https://www.filecloud.com/supportdocs/fcdoc/latest/server/filecloud-administrator-guide/filecloud-site-setup/filecloud-best-practices/restricting-access-to-admin-ui-based-on-ip-addresses |