Bug #1853: CDev public? - CUNY Academic Commons - CUNY Graduate Center - Project Tracking System

Actions

Copy link

Bug #1853

closed

CDev public?

Added by Matt Gold over 12 years ago. Updated over 12 years ago.

Status:

Resolved

Priority name:

Normal

Assignee:

Category name:

WordPress (misc)

Target version:

Not tracked

Start date:

2012-04-23

Due date:

% Done:

Estimated time:

Deployment actions:

Description

Hi Boone,

I think I just viewed cdev without logging in; opened a chrome incognito browser window to confirm, and found the same thing.

Actions

Copy link

Updated by Boone Gorges over 12 years ago

Assignee changed from Boone Gorges to local admin

I believe that cdev used to be locked at the global Apache level, but André probably lifted that restriction so that we could figure out some of the JITP stuff a few weeks back.

For the time being, I have reenabled the .htpasswd restriction in .htaccess. But this is problematic in the long run, because we keep .htaccess under version control, and I don't want to extend that authorization requirement to all instances of the Commons. André, for that reason, could I ask you to move the auth block (the first four lines of /var/www/html/.htaccess on cdev) to our vhost definition, so that I can revert .htaccess to the repo version? Thanks.

Actions

Copy link

Updated by local admin over 12 years ago

Boone, would it be acceptable for you to use the technique we worked on before where only a single subdomain (cdev.gc.cuny.edu in this case) would be protected? In this case it could still have the snippet in repo control and not affect the production site.

AuthType Basic
AuthName "Restricted Access" 
AuthUserFile /var/www/.htpasswd
Require valid-user

SetEnvIf Host ^cdev2\.gc\.cuny\.edu challenge_me
SetEnvIf Remote_Addr 127\.0\.0\.1 internal_request

satisfy any
Order Allow,Deny
Allow from all
Allow from internal_request
Deny from env=challenge_me

Actions

Copy link