geronimo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From raxpl <ra...@ANGLESEY.GOV.UK>
Subject Re: securing admin access
Date Mon, 28 Aug 2006 10:19:41 GMT

answer was in apache reverse proxy bit of the admin docs (yes it is a
security risk if left open...)
"In this example the console has been enabled just for demonstation
purposes. In a production environment you will not want to have the console
accessible from the other network (normally the Internet). Having the
console accessible represents a big security exposure."

raxpl wrote:
> 
> hi list
> jrun docs used to recommended that web admin. access was masked off (by
> using iptables/firewall to block incoming packets on that port unless from
> a known ip or range of ip's (great unless you're on dynamic ip's) but the
> jrun admin. was on a different port from anything else so didn't interfere
> with content...this simple to achieve on geronimo ? (an xml file somewhere
> ?) or just a waste of effort ?
> rich
> 

-- 
View this message in context: http://www.nabble.com/securing-admin-access-tf2158727.html#a6017541
Sent from the Apache Geronimo - Users forum at Nabble.com.


Mime
View raw message