1. Forum
  2. DOVE-Net
  3. Synchronet Discussion

  • Restrict File Area Access

    From Amessyroom@VERT/TL-QWK to All on Friday, December 06, 2024 08:34:17
    How do you restrict file areas not to be seen via web access?

    I assume one method would be flags; so I could set 1F on File Library/Areas to do this; but is there a better or recommended way?

    How can this later be applied when you want to validate a user, without having to manually set flags on users ?

    Currently, I have a security level set for validation and have not used any flags for my user.
    ---
    Amessyroom
    toolazy.synchro.net:2323 (telnet)





    ...If you don't go to people's funerals, they won't come to yours.

    ---
    þ Synchronet þ Too Lazy BBS - toolazy.synchro.net:2323
  • From Nightfox@VERT/DIGDIST to Amessyroom on Friday, December 06, 2024 09:01:38
    Re: Restrict File Area Access
    By: Amessyroom to All on Fri Dec 06 2024 08:34 am

    How do you restrict file areas not to be seen via web access?

    One way is to go to Access Requirements and specify "PROT NOT HTTP" (or "PROT ! HTTP"). That would apply to anyone using web access.

    How can this later be applied when you want to validate a user, without having to manually set flags on users ?

    Are you wanting to grant users access to those areas later with a flag? That, I'm not sure.

    Nightfox

    ---
    þ Synchronet þ Digital Distortion: digitaldistortionbbs.com
  • From Digital Man@VERT to Amessyroom on Friday, December 06, 2024 10:05:59
    Re: Restrict File Area Access
    By: Amessyroom to All on Fri Dec 06 2024 08:34 am

    How do you restrict file areas not to be seen via web access?

    Probably the most "correct" way would be to set the Access Requirements for each File Library (in SCFG) to "PROT NOT HTTP AND NOT HTTPS".

    There are other ways (e.g. webctrl.ini files) too.
    --
    digital man (rob)

    Synchronet "Real Fact" #34:
    The back-up synchro.net nameserver and CVS repository is hosted by Deuce
    Norco, CA WX: 75.3øF, 21.0% humidity, 2 mph S wind, 0.00 inches rain/24hrs
    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From Errol Casey@VERT to Digital Man on Friday, December 06, 2024 13:09:16
    Re: Restrict File Area Access
    By: Digital Man to Amessyroom on Fri Dec 06 2024 10:05 am

    Re: Restrict File Area Access
    By: Amessyroom to All on Fri Dec 06 2024 08:34 am

    How do you restrict file areas not to be seen via web access?

    Probably the most "correct" way would be to set the Access Requirements for each File Library (in SCFG) to "PROT NOT HTTP AND NOT HTTPS".

    There are other ways (e.g. webctrl.ini files) too. --
    digital man (rob)

    Thanks Digital Man and Nightfox. I wasn't aware of this way; so appreciate it. ---
    Amessyroom
    toolazy.synchro.net:2323 (telnet)
    --- SBBSecho 3.23-Linux
    * Origin: Too Lazy BBS - toolazy.synchro.net:2323 (1:3634/58)
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From Gamgee@VERT/PALANTIR to Errol Casey on Friday, December 06, 2024 15:42:53
    Errol Casey wrote to Digital Man <=-

    How do you restrict file areas not to be seen via web access?

    Probably the most "correct" way would be to set the Access Requirements for each File Library (in SCFG) to "PROT NOT HTTP AND NOT HTTPS".

    There are other ways (e.g. webctrl.ini files) too.
    digital man (rob)

    Thanks Digital Man and Nightfox. I wasn't aware of this way; so appreciate it.

    It's amazing what one can learn if they bother to read the Wiki!

    https://wiki.synchro.net/access:requirements




    ... All the easy problems have been solved.
    --- MultiMail/Linux v0.52
    þ Synchronet þ Palantir BBS * palantirbbs.ddns.net * Pensacola, FL
  • From MRO@VERT/BBSESINF to Amessyroom on Friday, December 06, 2024 19:04:02
    Re: Restrict File Area Access
    By: Amessyroom to All on Fri Dec 06 2024 08:34 am

    How do you restrict file areas not to be seen via web access?

    I assume one method would be flags; so I could set 1F on File Library/Areas to do this; but is there a better or recommended way?

    How can this later be applied when you want to validate a user, without having to manually set flags on users ?

    Currently, I have a security level set for validation and have not used any flags for my user.


    so you dont want your files on the web? or are you just trying to restrict
    the whole world from your files when not logged in?

    if i were you i'd just work on locking it down so non valided users can not see your web(and ftp) and your files. It will stop your system for being hit so hard.
    ---
    þ Synchronet þ ::: BBSES.info - free BBS services :::
  • From Amessyroom@VERT/TL-QWK to Gamgee on Saturday, December 07, 2024 06:07:22
    Re: Re: Restrict File Area Access
    By: Gamgee to Errol Casey on Fri Dec 06 2024 03:42 pm

    It's amazing what one can learn if they bother to read the Wiki!

    https://wiki.synchro.net/access:requirements

    Point taken. I do read/search wiki daily. But obviously,
    i didn't read or hit this specific page. Surprisingly.

    Thanks for the reference, and I will spend some time reading it.
    ---
    Amessyroom
    toolazy.synchro.net:2323 (telnet)

    ---
    þ Synchronet þ Too Lazy BBS - toolazy.synchro.net:2323