
Re: [cobalt-users] Question: Will making root pword diff from admin cause trouble?



"Carrie Bartkowiak" <ravencarrie@xxxxxxxx> wrote:
> On Mon, 23 Jul 2001 14:52:31 -0400, Steve Werby mumbled something
> like:
> >>A quick edit of srm.conf and Apache restart and you're good to go.
>
> I'd be curious to see instructions on this, if you've got the time.

No problem.  At the bottom of srm.conf there are Apache Rewrite rules that
tell Apache what files to display when directories like /admin/, /personal/
and /siteadmin/ are found within *any* site hosted on the server.  So you
can open srm.conf (which is the global Apache config file) as follows:

pico -w /etc/httpd/conf/srm.conf

Then change the following line from:

RewriteRule ^/siteadmin/?$ http://%1:81/.cobalt/siteManage/%1/index.html [L,R]

to:

RewriteRule ^/somethingelse/?$ http://%1:81/.cobalt/siteManage/%1/index.html [L,R]

and the site admin interface will no longer be accessible at /siteadmin/,
but will be at /somethingelse/.  Security by obscurity.  Of course to make
the change active you need to restart Apache.  Either turn the webserver off
then on through the GUI or restart using /etc/rc.d/init.d/httpd restart
(RaQ3/4) or httpd.init restart (RaQ1/2).  I make a habit of changing the
/admin/ directory too, though I prefer to move the rewrite lines from
srm.conf to the VirtualHost container for only one of the sites on the box.
That has a couple of benefits.  1. It makes it more difficult to find the
directory (it's renamed and it's only accessible via one site, not all of
them).  2. Each site admin can then use the /admin/ directory for anything
they see fit to use it for.

Some may say that there's no value in implementing security by obscurity and
I'm not going to get into any holy wars, but it gives me an added level of
comfort.  YMMV.

--
Steve Werby
President, Befriend Internet Services LLC
http://www.befriend.com/
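
The srm.conf edit described in the message above, scripted as an added example that is not part of the original post: it renames the alias only on active RewriteRule lines, keeps a backup, and refuses if the old rule is missing or the new name is already in use. The function names (sample_conf, count_rule, rename_alias) and the sample file contents are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. File contents below are constructed.

# Print a constructed srm.conf fragment built around the rule quoted in the post.
sample_conf() {
cat <<'EOF'
RewriteEngine on
#RewriteRule ^/siteadmin/?$ http://example.invalid/ [L,R]
RewriteRule   ^/siteadmin/?$   http://%1:81/.cobalt/siteManage/%1/index.html [L,R]
EOF
}

# count_rule CONF PATTERN: number of active (uncommented) RewriteRule lines
# whose pattern field is exactly PATTERN.
count_rule() {
    awk -v pat="$2" '$1 == "RewriteRule" && $2 == pat { n++ } END { print n + 0 }' "$1"
}

# rename_alias CONF OLD NEW: change "^/OLD/?$" to "^/NEW/?$", keeping CONF.bak.
# Returns 1 on bad arguments, 2 if the OLD rule is missing, 3 if NEW is taken.
rename_alias() {
    conf=$1; old=$2; new=$3
    [ -f "$conf" ] || return 1
    # Plain directory names only, so nothing unexpected lands in the config.
    case "$old" in ''|*[!A-Za-z0-9_-]*) return 1 ;; esac
    case "$new" in ''|*[!A-Za-z0-9_-]*) return 1 ;; esac
    from="^/$old/?\$"; to="^/$new/?\$"
    [ "$(count_rule "$conf" "$from")" -ge 1 ] || return 2
    [ "$(count_rule "$conf" "$to")" -eq 0 ] || return 3
    cp -p "$conf" "$conf.bak" || return 1
    # Replace by literal string position so the rule's spacing and target survive.
    awk -v from="$from" -v to="$to" '
        $1 == "RewriteRule" && $2 == from {
            i = index($0, from)
            $0 = substr($0, 1, i - 1) to substr($0, i + length(from))
        }
        { print }' "$conf.bak" > "$conf"
}

# Demo on a temporary copy; on a real box CONF would be /etc/httpd/conf/srm.conf,
# followed by the Apache restart described in the post.
tmp=$(mktemp)
sample_conf > "$tmp"
rename_alias "$tmp" siteadmin somethingelse && grep 'RewriteRule' "$tmp"
rm -f "$tmp" "$tmp.bak"
```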