1.4.1 gallery configuration question

rimvydukas Joined: 2003-12-24 Posts: 31	Posted: Wed, 2003-12-24 09:07
	So I have following question. I installed gallery 1.4.1 on Linux Redhat 7.2 and Apache 1.3.x web server. Everyone know that when we issue configure.sh script we can configure gallery through web browser. But EVERYONE can do this configuration while I'm configuring my gallery. And it can be a bad guy. So my question is: how can I force configuration mode to be available only from particular IP address? I want to be able to access configuration pages only from particular computer. And I need everyone else access denied message or someting else while I'm configuring gallery. Thanks.
	XUser login Username: * Password: * Create new account Request new password
alindeman Joined: 2002-10-06 Posts: 8194	Posted: Wed, 2003-12-24 14:06
	This is fixed in Gallery 2.x. Generally, it's unlikely that a bad guy will have enough time to configure Gallery before you can finish. However, you can temporarily add this line to the .htaccess file in your gallery/ directory: order deny,allow deny from all allow from [iphere]

rimvydukas Joined: 2003-12-24 Posts: 31	Posted: Wed, 2003-12-24 14:21
	Thank you for your answer. I fixed this thing by adding following lines in .htaccess: AuthName "Mano Galerija" AuthUserFile /path/to/file/.htpasswd AuthType Basic require valid-user At least this works for me. Anyway thank you. But with the bad guy you're wrong Everytime there is a bad guy And don't think that he will not have required time

alindeman Joined: 2002-10-06 Posts: 8194	Posted: Wed, 2003-12-24 14:24
	That works fine too. Either way you want.

1.4.1 gallery configuration question

XUser login