Hi There,
I'm trying to use web2py in a ubuntu server without graphic interface so I
need to access the admin page remotely.
Started the server with ip 0.0.0.0 and port 8000 and got the message:
"Admin is disabled because insecure channel"
I saw some users commenting the above part of access.py (inside admin app):
if request.env.http_x_forwarded_for or request.is_https:
session.secure()
elif not request.is_local and not DEMO_MODE:
raise HTTP(200, T('Admin is disabled because insecure channel'))
The problem with this kind of approach is that it raises serious security
issues if you want to use it in a real production environment.
So, I tried to set ssh and followed this tutorial:
http://www.web2py.com/AlterEgo/default/show/140
Setted up without any errors and started web2py as follows:
python web2py.py -c server.crt -k server.key -i 0.0.0.0 -p 443
(also tried ports 80 and 8000)
but it raises the following log:
web2py Web Framework
Created by Massimo Di Pierro, Copyright 2007-2012
Version 2.0.2 (2012-08-30 04:08:18) stable
Database drivers available: SQLite3, pymysql, pg8000, IMAP
WARNING:web2py:GUI not available because Tk library is not installed
choose a password:
please visit:
https://0.0.0.0:443
use "kill -SIGTERM 1120" to shutdown the web2py server
WARNING:web2py:unable to open SSL certificate. SSL is OFF
My question is: is there any "right" way to enable remote admin page access?
Thanks, folks!
--
