Re: [Mailman-Users] Trying to secure the list server web page

2019-03-01 Thread Bill Cole 

On 27 Feb 2019, at 11:58, Mark Sapiro wrote:


On 2/27/19 8:48 AM, Jeffrey Westgate wrote:
Confession first -- I touch this server so seldom because it just 
runs... and I inherited it many moon orbits ago.



The setting I needed was actually in the Defaults.py, and not in the 
mm_cfg.py. And it was http.  I did the change, pushed it out, and 
we're back in fine form again.



First, never change Defaults.py. Put overrides in mm_cfg.py. See
.

Also, for your original question, see all the steps at
.


Also note: if you do this on a machine managed by cPanel, you will need 
to redo the last step ($prefix/bin/withlist -l -r fix_url) daily after 
the nightly maintenance cron job, which reverts whatever fix_url does. 
There is an open bug at cPanel (opened last week) to fix that.


--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Available For Hire: https://linkedin.com/in/billcole
--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] Trying to secure the list server web page

2019-02-27 Thread David Gibbs via Mailman-Users 

On 2/27/2019 11:13 AM, Jeffrey Westgate wrote:

OK.  thanks for that.  So I can copy/paste the same line in the
mm_cfg.py, at the bottom, under the site-specific config block?


Yes.

david


--
IBM i on Power Systems: For when you can't afford to be out of business!

I'm riding 615 miles (Yes, you read that right) in the American Diabetes 
Association's Tour de Cure to raise money for diabetes research, education, 
advocacy, and awareness.  You can make a tax-deductible donation to my ride by 
visiting https://mideml.diabetessucks.net.

You can see where my donations come from by visiting my interactive donation 
map ... https://mideml.diabetessucks.net/map (it's a geeky thing).

I may have diabetes, but diabetes doesn't have me!
--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] Trying to secure the list server web page

2019-02-27 Thread David Gibbs via Mailman-Users 

On 2/27/2019 10:48 AM, Jeffrey Westgate wrote:

The setting I needed was actually in the Defaults.py, and not in the
mm_cfg.py. And it was http.  I did the change, pushed it out, and
we're back in fine form again.


Don't change Defaults.py!

Only change mm_cfg.py.

mm_cfg.py imports Defaults.py, but it may get overwritten when you upgrade.  
mm_cfg.py never gets overwritten.

http://www.gnu.org/software/mailman/mailman-install/customizing.html

david

--
IBM i on Power Systems: For when you can't afford to be out of business!

I'm riding 615 miles (Yes, you read that right) in the American Diabetes 
Association's Tour de Cure to raise money for diabetes research, education, 
advocacy, and awareness.  You can make a tax-deductible donation to my ride by 
visiting https://mideml.diabetessucks.net.

You can see where my donations come from by visiting my interactive donation 
map ... https://mideml.diabetessucks.net/map (it's a geeky thing).

I may have diabetes, but diabetes doesn't have me!
--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] Trying to secure the list server web page

2019-02-27 Thread Mark Sapiro 
On 2/27/19 8:48 AM, Jeffrey Westgate wrote:
> Confession first -- I touch this server so seldom because it just runs... and 
> I inherited it many moon orbits ago.
> 
> 
> The setting I needed was actually in the Defaults.py, and not in the 
> mm_cfg.py. And it was http.  I did the change, pushed it out, and we're back 
> in fine form again.


First, never change Defaults.py. Put overrides in mm_cfg.py. See
.

Also, for your original question, see all the steps at
.

-- 
Mark Sapiro The highway is for gamblers,
San Francisco Bay Area, Californiabetter use your sense - B. Dylan
--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] Trying to secure the list server web page

2019-02-27 Thread Jeffrey Westgate 
Confession first -- I touch this server so seldom because it just runs... and I 
inherited it many moon orbits ago.


The setting I needed was actually in the Defaults.py, and not in the mm_cfg.py. 
And it was http.  I did the change, pushed it out, and we're back in fine form 
again.


thanks for the quick response.



From: David Gibbs 
Sent: Wednesday, February 27, 2019 10:13 AM
To: Jeffrey Westgate; mailman-users@python.org
Subject: Re: [Mailman-Users] Trying to secure the list server web page

On 2/27/2019 10:01 AM, Jeffrey Westgate wrote:
> when a list owner tends to the moderator requests, and hits the
> Submit All Data button... depending on the browser, it says it is
> going to send the information over an insecure connection  and
> nothing happens results-wise - the request is not handled.
>
> Is there some config we need to change in mailman to secure it
> properly?

What is the DEFAULT_URL_PATTERN setting in mm_cfg.py?

I've got mine set to ...

DEFAULT_URL_PATTERN = 'https://%s/mailman/'

... so all URL's go to https.

david


--
IBM i on Power Systems: For when you can't afford to be out of business!

I'm riding 615 miles (Yes, you read that right) in the American Diabetes 
Association's Tour de Cure to raise money for diabetes research, education, 
advocacy, and awareness.  You can make a tax-deductible donation to my ride by 
visiting https://mideml.diabetessucks.net.

You can see where my donations come from by visiting my interactive donation 
map ... https://mideml.diabetessucks.net/map (it's a geeky thing).

I may have diabetes, but diabetes doesn't have me!
--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Re: [Mailman-Users] Trying to secure the list server web page

2019-02-27 Thread David Gibbs via Mailman-Users 

On 2/27/2019 10:01 AM, Jeffrey Westgate wrote:

when a list owner tends to the moderator requests, and hits the
Submit All Data button... depending on the browser, it says it is
going to send the information over an insecure connection  and
nothing happens results-wise - the request is not handled.

Is there some config we need to change in mailman to secure it
properly?


What is the DEFAULT_URL_PATTERN setting in mm_cfg.py?

I've got mine set to ...

DEFAULT_URL_PATTERN = 'https://%s/mailman/'

... so all URL's go to https.

david


--
IBM i on Power Systems: For when you can't afford to be out of business!

I'm riding 615 miles (Yes, you read that right) in the American Diabetes 
Association's Tour de Cure to raise money for diabetes research, education, 
advocacy, and awareness.  You can make a tax-deductible donation to my ride by 
visiting https://mideml.diabetessucks.net.

You can see where my donations come from by visiting my interactive donation 
map ... https://mideml.diabetessucks.net/map (it's a geeky thing).

I may have diabetes, but diabetes doesn't have me!
--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

[Mailman-Users] Trying to secure the list server web page

2019-02-27 Thread Jeffrey Westgate 
Help?  We have been running the list server on port 80 for ... years.  
Yesterday we created an ssl certificate, and move the http to https.  Seems to 
be going fine, except for a few thing --


when a list owner tends to the moderator requests, and hits the Submit All Data 
button... depending on the browser, it says it is going to send the information 
over an insecure connection  and nothing happens results-wise - the request 
is not handled.


Is there some config we need to change in mailman to secure it properly?


--

Jeff Westgate
DIS UNIX/Linux System Administrator


Facebook|Twitter|Linkedin



--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org