webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-17 06:23:00 +02:00
Code Issues Packages Projects Releases Wiki Activity
11,059 Commits 2 Branches 1 Tag
afd0cd232fa0d545ebdb70a114f044cde7b99985
Commit Graph

57 Commits

Author SHA1 Message Date
Michael Tremer
1d68e28753 captive: Do not try to execute the favicon 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-09-22 19:00:04 +01:00
Michael Tremer
78148cc1e5 captive: Run apache in HTTP/1.0 mode 
Reported-by: Daniel Weismüller <daniel.weismueller@ipfire.org>
Tested-by: Daniel Weismüller <daniel.weismueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-09-22 19:00:04 +01:00
Michael Tremer
9b6227cc2a captive: Let apache follow symlinks to load bootstrap 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-09-22 19:00:04 +01:00
Michael Tremer
0a02d9bb0c captive-portal: Move CGI files to CGI directory 
Previously the assets directory has ExecCGI privileges
which is not at all required and potentially dangerous.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-09-22 18:54:45 +01:00
Michael Tremer
4ddf453804 captive: Reindent apache configuration 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-09-22 18:54:45 +01:00
Michael Tremer
a79b220c5a captive: Log into default apache log files 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-09-22 18:54:45 +01:00
Alexander Marx
8b92078917 Captive-Portal: add web-part 
Introduce new Captive-Portal.
Here we add the menu, apache configuration (vhost), IPFire configuration
website and Captive-Portal Access site. Also the languagefiles are
updated.

Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
 2017-09-22 18:54:03 +01:00
Wolfgang Apolinarski
d41fe99f74 Update to apache 2.4.27 
- Updated to apache 2.4
- Updated the htpasswd generation to use the more secure bcrypt algorithm

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-09-04 12:40:20 +01:00
Peter Müller
0effbb3569 fix WebUI system information leak 
Disable unauthenticated access to cgi-bin/credits.cgi. The page
leaks the currently installed version of IPFire and the hardware
architecture.

Both information might make a successful attack much easier.

This issue can be reproduced by accessing https://[IPFire-IP]:444/cgi-bin/credits.cgi
and accepting a SSL certificate warning (if any).

Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-09-04 12:25:23 +01:00
Michael Tremer
ba2247a4b2 apache only supports MaxClients up to 256 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-04-04 18:59:44 +01:00
Michael Tremer
c016773b98 apache: Allow more processes/connections as the same time 
In large networks, when ever multiple clients connect at the
same time and request the proxy.pac configuration file, apache
rate-limited requests so that some clients did not get a response
and therefore could not connect to the Internet.

This allows apache to handle more connections at the same time.

Suggested-by: Thoralf Söldenwagner <soeldenwagner@brecht-schule.hamburg>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-02-28 11:32:08 +00:00
Michael Tremer
3b7d73d1d4 Fix potential HTTPoxy vulnerability 
https://httpoxy.org/

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-07-19 15:02:16 +01:00
Michael Tremer
afdf148388 Split web-user-interface from apache2 LFS file 
It is completely unnecssary to have this in one file
and using options for the LFS is more of a hack than
a solution.
 2015-05-05 14:00:20 +02:00
Michael Tremer
261121f1df Remove some left-over files 2015-03-18 15:18:56 +01:00
Michael Tremer
becbf67de7 apache: Do not show loaded modules 
The server header will show less information about the
modules of the apache daemon.

Fixes #10671
 2015-03-11 15:42:08 +01:00
Michael Tremer
a7006325c0 apache: Disable SSLv3 by default for the IPFire webinterface 2014-10-15 22:55:26 +02:00
Michael Tremer
69776cc42f apache: Update cipher suite that is used for the web user interface. 
Taken from here with exception of RC4.
  https://wiki.mozilla.org/Security/Server_Side_TLS#Apache
 2014-02-26 15:01:29 +01:00
Michael Tremer
f87161948c apache: Allow accessing sarg reports for admins. 2012-11-26 11:19:51 +01:00
Christian Schmidt
7b9fe2c864 apache: Tuning max spare servers to 10, this should speed up webinterface and updx. 2011-05-23 07:07:13 +02:00
Arne Fitzenreiter
3ae6726a8e Fix ssl-global.conf (settings was ignored). 2011-01-26 17:41:15 +01:00
Christian Schmidt
a4c7687980 Even if the ssl may never be used for this, the entry should be correct. 2010-06-21 22:42:08 +02:00
Christian Schmidt
7e62048742 Added urlrepo for local file redirection to httpd alias. 2010-06-21 21:03:20 +02:00
Arne Fitzenreiter
0bc58278b9 Fix update acclerator file download at webif. 
bug #0000667
 2010-06-21 20:45:33 +02:00
Arne Fitzenreiter
5af32f5c8c Add wpad.dat alias that point to proxy.pac. 2010-06-03 21:27:24 +02:00
Christian Schmidt
e9007fefa0 Fixed url filter repository for local redirects. 
This fixes bug #0000613
 2010-04-11 09:07:13 +02:00
Peter Pfeiffer
e2e23c306b last changes for Nagios (now on port 1008) 2009-03-24 21:54:50 +01:00
maniacikarus
128c258976 Forgotten the webconf 2009-03-14 15:06:33 +01:00
maniacikarus
ae882c0017 This should make nagios more ipfire-like 2009-03-14 15:05:17 +01:00
Peter Pfeiffer
6e17c7df06 Nagios addon install.sh with vhost Port 1007 added 2009-03-14 14:00:46 +01:00
Peter Pfeiffer
2b11cc8648 Modified config default-server.conf for nagios. 2009-03-10 12:39:10 +01:00
Arne Fitzenreiter
96a44fe5cb Removed mod_perl 2008-06-21 06:18:30 +02:00
Arne Fitzenreiter
6efa15b826 Fix Loadmodule mod_perl.so 
Add mod_perl config updater
 2008-06-14 17:27:32 +02:00
Arne Fitzenreiter
e4d854551f Esniper use https now, added esniper backup include 2008-06-03 22:51:12 +02:00
Michael Tremer
810a7ea2f2 Imported mod_perl by xpapa. 2008-05-22 12:09:57 +02:00
Michael Tremer
d115df8992 Added esniper. 2008-05-13 21:54:06 +02:00
maniacikarus
381f2e7111 Moved updbooster cache files to a larger partition 
Added changes to the first core update to avoid full root partitions


git-svn-id: http://svn.ipfire.org/svn/ipfire/branches/2.1/trunk@1113 ea5c0bd1-69bd-2848-81d8-4f18e57aeed8
 2007-12-02 10:15:52 +00:00
ms
6bb1416205 Typo in compilation commands of postfix. 
Now it works together with cyrus sasl!


git-svn-id: http://svn.ipfire.org/svn/ipfire/trunk@1045 ea5c0bd1-69bd-2848-81d8-4f18e57aeed8
 2007-11-01 14:18:27 +00:00
ms
6f10c6a17d Three little fixes... 
git-svn-id: http://svn.ipfire.org/svn/ipfire/trunk@1019 ea5c0bd1-69bd-2848-81d8-4f18e57aeed8
 2007-10-28 14:24:48 +00:00
ms
71f264054e PHP is not existing at the beginning. 
git-svn-id: http://svn.ipfire.org/svn/ipfire/trunk@1013 ea5c0bd1-69bd-2848-81d8-4f18e57aeed8
 2007-10-27 21:39:23 +00:00
ms
58493e1ef0 Openmailadmin integriert. 
Webcyradm ist dagegen rausgefallen.
vhosts fuer openmailadmin und phpaj gemacht.


git-svn-id: http://svn.ipfire.org/svn/ipfire/trunk@891 ea5c0bd1-69bd-2848-81d8-4f18e57aeed8
 2007-09-15 18:18:23 +00:00
maniacikarus
ca9f21de73 Ohne Webinterface is doof 
git-svn-id: http://svn.ipfire.org/svn/ipfire/trunk@880 ea5c0bd1-69bd-2848-81d8-4f18e57aeed8
 2007-09-08 12:30:48 +00:00
ms
71ec207479 Php5-Konfuguration im Apache angepasst. 
git-svn-id: http://svn.ipfire.org/svn/ipfire/trunk@869 ea5c0bd1-69bd-2848-81d8-4f18e57aeed8
 2007-09-01 10:03:25 +00:00
ms
51f3b7f5af QoS-Graphen wieder eingebaut. 
usbutils und which Paket gemacht.
unbenoetigte Apache-Module werden nicht geladen.
Net-SSLeay gefixt - DynDNS braucht das.
Alsa-Module werden geladen.
Java-paket verkleinert.
Sambactrl gefixt.


git-svn-id: http://svn.ipfire.org/svn/ipfire/trunk@652 ea5c0bd1-69bd-2848-81d8-4f18e57aeed8
 2007-06-30 17:21:34 +00:00
ms
d733119b38 Alle htdocs nach /srv/web verschoben... 
git-svn-id: http://svn.ipfire.org/svn/ipfire/trunk@363 ea5c0bd1-69bd-2848-81d8-4f18e57aeed8
 2006-12-13 19:56:41 +00:00
ms
231048413c Starte SSH-Server beim Boot. 
Starte Cron-Server beim Boot.
Apache bearbeitet.


git-svn-id: http://svn.ipfire.org/svn/ipfire/trunk@357 ea5c0bd1-69bd-2848-81d8-4f18e57aeed8
 2006-12-05 21:57:32 +00:00
delaco
f1baee3ed4 MONSTER-REVISION! 
* Alte und ueberfluessige Pakete entfernt.
  * Proxy-Pfade gefixt.
  * MySQL in ISO gepackt.
  * Apache2-Konfigurations-Fix.
  * XAMPP entfernt. STILL EXPERIMENTAL
  * make.sh aufgeraeumt.

git-svn-id: http://svn.ipfire.org/svn/ipfire/trunk@293 ea5c0bd1-69bd-2848-81d8-4f18e57aeed8
 2006-09-22 23:05:21 +00:00
delaco
9297899ccf Hinzugefuegt: 
* SysLinux Patch vergessen.
  * Workaround um PHP5 zu kompilieren.

git-svn-id: http://svn.ipfire.org/svn/ipfire/trunk@286 ea5c0bd1-69bd-2848-81d8-4f18e57aeed8
 2006-09-19 19:46:43 +00:00
ms
90c973a6a7 Hinzugefuegt: 
* Konfiguration fuer Apache2
Kernelupgrade auf 2.4.33.3
Syslinux-Upgrade
Gefixt:
  * /tmp/ROOTFILES hat nichts in der ISO zu suchen.
  * Fehler im Installer wegen Apache2.


git-svn-id: http://svn.ipfire.org/svn/ipfire/trunk@283 ea5c0bd1-69bd-2848-81d8-4f18e57aeed8
 2006-09-18 19:05:20 +00:00
delaco
e3a8510ae3 Hinzugefuegt: 
* Interface fuer den Benutzer dial.
Geandert:
  * Standardland fuer OpenSSL-Zertifikate ist statt GB jetzt DE.
  * makegraphs gefixt.


git-svn-id: http://svn.ipfire.org/svn/ipfire/trunk@214 ea5c0bd1-69bd-2848-81d8-4f18e57aeed8
 2006-07-19 14:59:29 +00:00
ms
6693216e1e Bugfixes: 
* Framebufferdevices
  * Bootscripts vergessen ;-)
  * Hoffentlich den Doppel-Anmelde-Fehler behoben.
  * Jetzt Tux im Konsolensplash.
  * Libjpeg in ISO enthalten.
  * Installer gefixt.


git-svn-id: http://svn.ipfire.org/svn/ipfire/trunk@201 ea5c0bd1-69bd-2848-81d8-4f18e57aeed8
 2006-07-06 20:15:31 +00:00