[Mailman-Users] Secure the admin pages
Jim Tittsler
jwt at onjapan.net
Fri Aug 19 06:00:26 CEST 2005
On 2005-08-18 23:14, Mike Hanby wrote:
> Howdy, does anyone know if it's possible to secure the admin pages with an
> .htaccess type security?
[...]
> Ex: http://www.mydomain.com/mailman/admin/mailinglist
>
> Going to this page would pop up an Apache login prompt. If successful, then
> the page would load where they would then have to log in using mailman's
> "List Administrator Password".
You could use a FilesMatch directive to restrict access to the cgi
scripts you were interested in:
<FilesMatch (admin|admindb|create|edithtml|rmlist)>
AuthName "Mailman"
[...]
require valid-user
</FilesMatch>
(Or a LocationMatch directive in your Apache configuration.)
Jim
P.S. Your message might get more attention if you sent a new message
to the mailing list rather than hijacking an existing thread (as you
did by replying to a different message and simply changing the
subject). People that browse the list by thread might not see your
message the way you have done it.
--
Jim Tittsler http://www.OnJapan.net/ GPG: 0x01159DB6
Python Starship http://Starship.Python.net/crew/jwt/
Mailman IRC irc://irc.freenode.net/#mailman
More information about the Mailman-Users
mailing list