Hi,
I was able to solve my problem by using Peter's suggestion for a proxy
server with authentication combined with these two iptables rules:
iptables -A OUTPUT -p tcp --dport -s
localhost -d localhost --match owner --uid-owner -j
ACCEPT
iptables -A OUTPUT -p tcp --dport -s
localhost -d localhost -j DROP
These rules prevent direct local access to the webserver so that even
locally the access is only possible via the proxy, where authentication
is necessary. Note that these rules don't block network access; for that
you would need to extend the rules or use a separate firewall.
Best regards,
Timo
On 03/27/2017 01:39 PM, Peter Briggs wrote:
> Hello Timo
>
> For our production setups I've used the htpasswd mechanism as a simple
> way to protect the reports from unauthorised access. The details for
> doing this using nginx are part of the write up here:
>
> http://galacticengineer.blogspot.co.uk/2015/06/exposing-galaxy-reports-via-nginx-in.html
>
>
> HTH
>
> Best wishes
>
> Peter
>
> On 27/03/17 12:29, Timo Janßen wrote:
>> Hi,
>>
>> is it possible to implement some kind of login for the usage reports
>> webapp, so that only admins can see the website? In our current setup
>> the tool is running on a server with many other users so that anyone who
>> knows the port can open the website and see potentially sensitive data.
>>
>> Best regards,
>> Timo
>>
>>
>>
>> ___
>> Please keep all replies on the list by using "reply all"
>> in your mail client. To manage your subscriptions to this
>> and other Galaxy lists, please use the interface at:
>> https://lists.galaxyproject.org/
>>
>> To search Galaxy mailing lists use the unified search at:
>> http://galaxyproject.org/search/
>>
>
--
Timo Janßen
Wissenschaftliche Hilfskraft
Arbeitsgruppe "Anwendungs- und Informationssysteme"
Tel.: +49(0)551/201-1791
E-Mail: timo.jans...@gwdg.de
Gesellschaft für wissenschaftliche Datenverarbeitung mbH Göttingen
(GWDG)
Am Faßberg 11, 37077 Göttingen, URL: http://www.gwdg.de
Tel.: +49 551 201-1510, Fax: +49 551 201-2150, E-Mail: g...@gwdg.de
Service-Hotline: Tel.: +49 551 201-1523, E-Mail: supp...@gwdg.de
Geschäftsführer: Prof. Dr. Ramin Yahyapour
Aufsichtsratsvorsitzender: Prof. Dr. Norbert Lassau
Sitz der Gesellschaft: Göttingen
Registergericht: Göttingen, Handelsregister-Nr. B 598
Zertifiziert nach ISO 9001
smime.p7s
Description: S/MIME Cryptographic Signature
___
Please keep all replies on the list by using "reply all"
in your mail client. To manage your subscriptions to this
and other Galaxy lists, please use the interface at:
https://lists.galaxyproject.org/
To search Galaxy mailing lists use the unified search at:
http://galaxyproject.org/search/
