Hi Folks! Here's how I've solved the problem: I'm now running a web2py local server with regular configuration: nohup python web2py.py -i 127.0.0.1 -p 8000
Then configured apache2 based on the alternative "mod_proxy" configuration described in http://web2py.com/book/default/chapter/13. NameVirtualHost *:80 NameVirtualHost *:443 #### deal with requests on port 80 <VirtualHost *:80> Alias / /users/www-data/web2py/applications ### admin requires SSL <LocationMatch "^/admin"> SSLRequireSSL </LocationMatch> ### appadmin requires SSL <LocationMatch "^/welcome/appadmin/.*"> SSLRequireSSL </LocationMatch> ### serve static files directly <LocationMatch "^/welcome/static/.*"> Order Allow,Deny Allow from all </LocationMatch> ### proxy all the other requests <Location "/welcome"> Order deny,allow Allow from all ProxyPass http://localhost:8000/welcome ProxyPassReverse http://localhost:8000/ </Location> LogFormat "%h %l %u %t "%r" %>s %b" common CustomLog /var/log/apache2/access.log common </VirtualHost> <VirtualHost *:443> SSLEngine On SSLCertificateFile /etc/apache2/ssl/server.crt SSLCertificateKeyFile /etc/apache2/ssl/server.key <Location "/"> Order deny,allow Allow from all ProxyPass http://localhost:8000/ ProxyPassReverse http://localhost:8000/ </Location> LogFormat "%h %l %u %t "%r" %>s %b" common CustomLog /var/log/apache2/access.log common </VirtualHost> This way, apaches deals with the incomming connections on ports 80 and 443 and then redirects these requests to local web2py default server. This way I'm still secure since appadmin and admin are forced to be over HTTPS and did no bypasses on codes or whatever. [User (HTTPS)--> Apache (HTTP)--> Web2PyServer] Thanks! On Thursday, September 13, 2012 10:38:45 AM UTC-3, Francisco Barretto wrote: > > Hi There! > > Deploying web2py on a server gives me some headache about accessing the > admin page (on server) from a remote machine. First it throwed the message > "'Admin is disabled because insecure channel'. So I found some posts > talking about comment the following code > > > if request.env.http_x_forwarded_for or request.is_https: > > session.secure() > elif not request.is_local and not DEMO_MODE: > raise HTTP(200, T('Admin is disabled because insecure channel')) > > Unfortunatelly, commenting, this part of the access.py file is not the > right way to do it and I know. Besides, it still shows-me this message > "ATTENTION: Login requires a secure (HTTPS) connection or running on > localhost". So, it´s not apropriate and doesn´t even solve the problem. > > Since I´m using linux as my server OS and it doesn´t have a graphic > interface I can´t access the admin page through a local browser. My point > is, how to correctly enable the admin page remote access? Already tryed to > start with the server IP and 0.0.0.0 using ports 8000, 80 and 443 and still > nothing. Also tryied to specify the protocol HTTPS on browser but I get > this error: > > SSL received a record that exceeded the maximum permissible length. > > > (Error code: ssl_error_rx_record_too_long) > > So, can anybody point me the right way? > > Thanks! > --
