Koozali.org: home of the SME Server

Obsolete Releases => SME 9.x Contribs => Topic started by: Arnaud on January 07, 2017, 05:06:22 PM

Title: Restrict access od LemonLDAP::NG to internal LAN
Post by: Arnaud on January 07, 2017, 05:06:22 PM: Hello,

I would like to restrict the access of both sub-domains of LemonLDAP (auth.domain.tld and sso-manager.domain.tld) to the internal LAN only.

I had a look into /etc/httpd/conf/httpd.conf and if I can understand the file in a correct way:
- subdomain "sso-manager" is already restricted to LAN (Order deny,allow // Deny from all // Allow from 127.0.0.1 + internal broadcast IP's)
- subdomain "auth" is accessible from "outside" (and in my case it is)

Then I would process according the wiki https://wiki.contribs.org/Webapps-common (https://wiki.contribs.org/Webapps-common):
Code: [Select]
db domains setprop auth.domain.tld AllowHosts 'local'

=> Is it the correct way or are there specific parameters of LemonLDAP for this purpose?

Thanks.
Bye
Arnaud

PS: I won't forget the removal of both subdomains in the external DNS too!

SMF 2.0.19 | SMF © 2021, Simple Machines
Privacy Policy | Terms and Policies