OK I have stunnel working. I would like to write a howto for the wiki, but I would like to include the encrypted passwords in the how to also.
Duncan Webb wrote: > Ryan Roth wrote: > >> The reason I wanted this is start making the web interface more secure. >> I wanted to take with people and see what they though about changing the >> web server to a secure server. This would be nice for those of us who >> forward web traffic from our public IP to our Freevo box. >> > > That's what I thought the intention was. However making the password > more secure does not mean that the freevo box is secure. There are > several things that you need to do to make the box more secure when > accessed externally. > > First install stunnel, this means that you can access the freevo box > using the https:// protocol, this means that the data, including > passwords is not transmitted over the net in a readable form. See: > http://www.linuxfromscratch.org/blfs/view/svn/postlfs/stunnel.html > > Configure a service for freevo webserver: > [https] > accept = 443 > connect = 8080 > TIMEOUTclose = 0 > > You will need a group and a user for freevo webserver access. Lets say: > groupadd -g 80 freevo > useradd -c "Freevo Webserver" -d /home/freevo \ > -g freevo -s /bin/false -u 80 freevo > > Change the freevo webserver port and user and group ids in local_conf.py > WEBSERVER_UID = 80 > WEBSERVER_GID = 80 > WEBSERVER_PORT = 8080 > > Then you have to change the group and the permissions of the freevo > media directories. Something like: > find /freevo -type d -exec chgrp freevo {} \; > find /freevo -type d -exec chmod g+ws {} \; > > You will also need to change the ownership and permissions on other > files, eg webserver-80.log, so that the freevo user can write to these > files. There may be more that you need to change. > > Lastly you need to open port 443 on your firewall that then points to > the freevo box. > > Hope this helps and when you have got it working may be adding a wiki > page would be good. > > Duncan > > > ------------------------------------------------------------------------- > Take Surveys. Earn Cash. Influence the Future of IT > Join SourceForge.net's Techsay panel and you'll get the chance to share your > opinions on IT & business topics through brief surveys - and earn cash > http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV > _______________________________________________ > Freevo-users mailing list > Freevo-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/freevo-users > > ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Freevo-users mailing list Freevo-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/freevo-users
