[opencms-dev] How is it possible to disable workplace? (TEST RESULT - [sorry for the "broken" posts])

Steve Mato smato at icc.net
Fri Jun 3 23:35:34 CEST 2005 

All,

workplace.limited.port=[some port #]

...does indeed work in 5.0.1.  It does not limit someone from seeing the /system/login path as I hoped/need, thus the site could still be subject to a brute force attack, however if a person successfully signs in from a port other then what is defined in workplace.limited.port, the 404 error page is returned for all the workplace frames.
:)
...that's something at least!

I'd still appreciate an informed response to my other e-mail though, regarding why when I created two <Service ...> definitions going against the same OpenCMS instance and same opencms database in MySQL, one site could not see what the other published.

-steve


-=-=-=-

RE: 

Alexander Kandzior alex at opencms.org 
Wed Oct 6 10:27:02 CEST 2004 

workplace.limited.port may or may not work in 5.0.x. I must say that this
feature never was really tested much.
 
In 6.0, you can just place the workplace site to a different hostname/post
and have your Firewall protect access to this.

Best Regards,
Alex.

Alexander Kandzior
Alkacon Software - The OpenCms Experts
http://www.alkacon.com <http://www.alkacon.com/> 

  _____  

From: opencms-dev-bounces at opencms.org
[mailto:opencms-dev-bounces at opencms.org] On Behalf Of Claus Priisholm
Sent: Wednesday, October 06, 2004 9:22 AM
To: The OpenCms mailing list
Subject: Re: [opencms-dev] How is it possible to disable workplace?


As mentioned I haven't tried it, but it seems to be the idea - anyone out
there that actually have used this feature?

On 5/10-2004, at 14.37, Farnaz Fotrousi wrote:




Do you mean the web-site port would be different than workplace port, when
we set "workplace.limited.port" property to another port in
"opencms.properties"?

Claus Priisholm <cpr at codedroids.com> wrote:
I haven't fiddled with this myself, but maybe it is something you can
utilize for your setup:

# workplace limited port
# This is the port the workplace access is limited to. With the
opencms.properties
# the access to the workplace can be limited to a user defined port.
With this
# feature a firewall can block all outside requests to this port with
the result
# the workplace is only available in the local net segment.
# Default=-1 (no limit)
workplace.limited.port=-1

Maybe this approach can be used with https, ie. setting the port to be 
say 443 (or whatever the https port is set to). But if you're behind a 
firewall and doing VPN adding HTTPS seems to be a bit of an overkill.

More information about the opencms-dev mailing list