httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jeroen Van den Horn <jer...@cloudwork.nl>
Subject Re: [users@httpd] Discussion about possible new feature for Apache HTTP Server
Date Mon, 30 Jun 2014 12:30:35 GMT
I'm sure that when you fiddle a bit with some RewriteCond's and
RewriteRules you can accomplish what you want out-of-the-box.

J


On Mon, Jun 30, 2014 at 2:23 PM, Gulkamal Singh <lund.singh.1982@gmail.com>
wrote:

> Lets say that I have a domain hosting a public facing website (
> www.mywebsite.com).  Now lets say that -
>
> 1) Security is not a big thing.
> 2) To save money, I want to host the admin interface on the same domain (
> www.mywebsite.com/admin).
> 3) The admin interface requires login but never the less I do not want the
> public to be even aware of the location of the admin interface.
> 4) But there is a chance that someone might type in
> www.mywebsite.com/admin by guessing and discover that there is an admin
> user interface there.
> 5) I dont want to use complicated IP blocking to block access to the admin
> interface - I want to be able to login from any machine.  I also dont want
> to go down the expensive certificate route.
>
> In this case, the following will be useful -
>
> 1) A browser that has a simple interface from where I can map a key to a
> url.  When I make a request to my admin URL, it sends this key in the
> header, get or post.
> 2) A server which shows a 404 unless the key is present in the header, get
> or post.
>
> This is fairly a simple feature and I feel that if browsers and servers
> implement this, it could become popular.  Could people please give me
> thoughts on this, if there might be benefits to this, and if it would be
> possible for apache http server to implement this?
>

Mime
View raw message