Hi everyone.
when i made the cpanel for my hosting servers (yes i code every i need, Alpha male's do that), i'm do an auth lib for all my php's then i'm se the security, and all points a bad thing, anyway, i solve that, doing an proxy for all phisical tasks, like `du`, `rm`, `mkdir`, `dele`, and so on, and every other things of that kind, all off that scripts runs over an chroot apache over localhost. easy and enough security to me, all cpanel sends requests to sockets at localhost:port/do.task/add.mail?1231231 and things like that, via POST or GET, but enough security i guess. may be create an front end auth pluggin, in php, needs session on front, but in background still apache auth. think about, that's my experience avoiding security issues on auth process and security as well. greetings everyone. Edgar On Fri, 18 Dec 2009 21:24:01 +0100, "Imposit.com - Webmaster" <webmas...@imposit.com> wrote: >>The basic steps behind doing that are simple. It is just a bunch of HTTP >>headers that needs to be send out to the >browser: >>WWW-Authenticate: Basic realm="DSPAM Web UI" >>HTTP/1.0 401 Unauthorized > > > Ahhh This will not Work, nto Really. But there is a trick with config. > Together with the header :-) > > But really, I don’t want to post this. HTTP Auth isn’t supposed to used > in that way :-) > > And I agree aith the Plain login but I don’t think I will work with > suexec anymore > > On the other hand. HTTP Auth is powerful Secure. Doesn’t matter if the > WEbui has some sec issues or not, they only reachable by auth. Users so the > danger is minimized and if someone get coutch you normaly have his personal > details. > > So anyway which direction this will go. For all internal Services I will > use http auth anyway and recommend this. > (that’s way I really hate cpanel and co... security just on an php level > isn’t enough for a panel which controls my server sorry no way :-) > > > So lets close this with not possible. Its for Security Resons the way it is > :-) > > > ------------------------------------------------------------------------------ > This SF.Net email is sponsored by the Verizon Developer Community > Take advantage of Verizon's best-in-class app development support > A streamlined, 14 day to market process makes app distribution fast and > easy > Join now and get one step closer to millions of Verizon customers > http://p.sf.net/sfu/verizon-dev2dev > _______________________________________________ > Dspam-devel mailing list > Dspam-devel@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/dspam-devel ------------------------------------------------------------------------------ This SF.Net email is sponsored by the Verizon Developer Community Take advantage of Verizon's best-in-class app development support A streamlined, 14 day to market process makes app distribution fast and easy Join now and get one step closer to millions of Verizon customers http://p.sf.net/sfu/verizon-dev2dev _______________________________________________ Dspam-devel mailing list Dspam-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspam-devel
