Hiya this one is always a pain, fact is the admin pages again as far as I can figure out from looking into the depths of my raqs is that the admin GUI runs off another version of apache, I could be wrong here as I didnt really spend much time looking into things and took a bit of a guess.. but . the problem is is when you go to http://mysite/admin it does a redirect straight away, so securing mysite is useless with ssl.
The next problem is that it does a redirect to a url running on another port, (81) this is not the port SSL runs on so I dont even know if your web browser would regognise SSL as running even if you put managed to secure you main domain for the server. Sombody who really knows what they are doing needs to look into this problem and get it sorted, as .... The whole point of being able to use the raq, is that you can use the WEB ADMIN PAGES to simplify things, if you dont intend to use them you might as well get a blank box and install Red hat on it. Secondly I'm scared to log onto my raqs admin pages, as the root password for the machine is sent in PLAIN TEXT! across the network. So anybody sniffing can pick it up, I personally think this is one of the biggest flaws about the RAQ and should be solved ASAP. Hope sombody is prepared to look into this. Im sure it should be SUN who should be looking into this, but I doubt they will. Regards. Duncan. __________________________________________________ Do You Yahoo!? Yahoo! Health - your guide to health and wellness http://health.yahoo.com _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
