Restrict Access to Admin Portal based on IP address
Original Question or Issue:
We have identified a vulnerability that requires immediate attention and remediation for the FileCloud hosting site.
Restrict access to the admin portal login page to approved IP address ranges.
Environment:
- Product - FileCloud Server
- Version - Any
- Platform - Any
Steps to Reproduce:
Error or Log Message:
Defect or Enhancement Number:
Cause:
Externally Accessible Administration Portals - Identified as a vulnerability.
Resolution or Workaround:
- Stop the Apache server.
- Edit the following file, based on the OS on which FileCloud Server is installed (adjust these paths for your environment):
  Windows: C:\xampp\apache\conf\extra\httpd-filecloud.conf
  Ubuntu: /etc/apache2/sites-enabled/000-default.conf
  RHEL: /etc/httpd/conf/httpd.conf
- Add the following lines to the configuration. On Windows, the lines can be added to the end of the file. On Linux, the lines need to be added inside the VirtualHost configuration.
  <Location /ui/admin2>
  Order deny,allow
  deny from all
  allow from 192.168.
  allow from 33.201.24.69
  </Location>
- Restart Apache after making this change. The admin UI will now be accessible only from subnet 192.168.x.x and IP 33.201.24.69.
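To confirm the restriction is working after the restart, the check below scans Apache access-log lines for requests under /ui/admin2 that came from outside the allow-list and were not answered with 403. It is an added example, not part of the original article or FileCloud's own tooling; the log lines are constructed, and Common Log Format with the client address in the first field is assumed.

```python
import ipaddress
import re

# Allow-list taken from the article: subnet 192.168.x.x and host 33.201.24.69.
ALLOWED = [ipaddress.ip_network("192.168.0.0/16"),
           ipaddress.ip_network("33.201.24.69/32")]
ADMIN_PREFIX = "/ui/admin2"

# Common Log Format prefix: host ident user [time] "METHOD url proto" status
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+)[^"]*" (\d{3})')

def is_admin_path(url):
    """Mirror <Location /ui/admin2>: the path itself or anything below it."""
    path = url.split("?", 1)[0]
    return path == ADMIN_PREFIX or path.startswith(ADMIN_PREFIX + "/")

def is_allowed(client):
    """True if the logged client address falls inside the allow-list."""
    try:
        addr = ipaddress.ip_address(client)
    except ValueError:  # hostname or malformed value in the host field
        return False
    return any(addr in net for net in ALLOWED)

def find_violations(lines):
    """Return (client, url, status) for admin requests that were not denied."""
    hits = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue
        client, _method, url, status = m.groups()
        if is_admin_path(url) and not is_allowed(client) and status != "403":
            hits.append((client, url, int(status)))
    return hits

# Constructed sample log lines (documentation-range addresses as outsiders).
SAMPLE_LOG = [
    '192.168.10.5 - - [01/Jan/2024:10:00:00 +0000] "GET /ui/admin2/index.html HTTP/1.1" 200 5120',
    '33.201.24.69 - - [01/Jan/2024:10:00:05 +0000] "GET /ui/admin2 HTTP/1.1" 200 5120',
    '203.0.113.7 - - [01/Jan/2024:10:01:00 +0000] "GET /ui/admin2/index.html HTTP/1.1" 403 199',
    '198.51.100.23 - - [01/Jan/2024:10:02:00 +0000] "GET /ui/admin2/?x=1 HTTP/1.1" 200 5120',
    '198.51.100.23 - - [01/Jan/2024:10:02:30 +0000] "GET /ui/admin2other HTTP/1.1" 200 100',
    '198.51.100.23 - - [01/Jan/2024:10:03:00 +0000] "GET /index.html HTTP/1.1" 200 100',
]

if __name__ == "__main__":
    for hit in find_violations(SAMPLE_LOG):
        print("admin portal reachable from unapproved address:", hit)
```

If Apache sits behind a reverse proxy or load balancer, the first log field is the proxy's address unless mod_remoteip is configured, so both the allow rules and this check then evaluate the proxy rather than the real client.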
Notes: