Hi I was wondering if anyone would provide some guidelines on securing magnolia and AdminCentral?
In my current setup I have 2 servers; 1 public and one private(Author). The private server access is controlled by a hardware firewall and limited only to SSL for certains IP. So this server is already fairly secure. On the other server my installation of magnolia is the ROOT webapp. I was planning to setup request to /.magnolia and /.resources (AdminCentral) so that they would only be available via SSL and also to limit the Ips that could access any resources for my SSL virtual host. Would publishing still work with that setup (I must admit that I am not sure entirely which resources are requested when publishing)? Would I need to specify the public server URL as https on the private (Author) server? Any advice and tips are welcome. Thanks, christian sylvestre NOTE: - I am using Magnolia 3.0.1 and Apache 2.0.x in with the jk connector to Tomcat 5.5.x ---------------------------------------------------------------- for list details see http://www.magnolia.info/en/magnolia/developer.html ----------------------------------------------------------------
