[horde] Securing horde access with PHP header() function
Vilius Šumskas
vilius at lnk.lt
Fri Feb 3 03:13:35 PST 2006
Łukasz Wojciechowski <lukas at pronet.lublin.pl> rašė:
> Vilius Šumskas napisał(a):
>> Łukasz Wojciechowski <lukas at pronet.lublin.pl> rašė:
>>
>>
>>> Hello
>>>
>>> In my environment I have specific requirements (suphp in apache) and I
>>> want to use Imp.
>>>
>>> If set static redirection like:
>>> header( "http://MyHostName/horde/imp" );
>>>
>>> in Horde main index file:
>>> /horde/indx.php
>>>
>>> Is this the right way (secure) to cut-off access to Horde Admin Panel ?
>>
>>
>> If you want to use only IMP and to disable access to all other
>> applications, set authentification to "application" and choose IMP.
> This is not 100% solution.
> When I set authentication to "application" and application to "imp" Im
> redirected from "horde/" to "horde/imp" but after I log in I can
> manipulate url and I can get into horde by typing "/horde/index.php"
Ordinary users can't get into admin panel by typing /horde/index.php.
They will be redirected to portal (or imp). Admin panel is viewable
only for users who are described in horde conf.php file
$conf['admins'] array (if I remember correctly).
--
Best Regards,
Vilius Šumskas
LNK TV system administrator
mob.: +370 614 75713
http://www.lnk.lt
More information about the horde
mailing list