Search Results

Search found 1047 results on 42 pages for 'restrict'.

Page 4/42 | < Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >

  • restrict access to IIS virtual directory from root website

    - by Senthil
    I have two domains (domain1.com and domain2.com). Both of them use the same Windows hosting server with IIS7. One of the domains is being called the "primary domain" by my hosting provider (GoDaddy) and it always points to the root folder that I was given. For the other domain, I have created a virtual directory in IIS and pointed it there. The folder structure is like this - root/ --Default.aspx --SomeFile.aspx --domain2folder/ ----Default.aspx ----Domain2SomeFile.aspx So, if I type domain1.com, I see the regulakr Default.aspx. But if I type domain2.com, I am shown the contents of domain2folder as if it were a separate web application - I think that is what IIS virtual directory is meant for. Well and good. But the problem is, when I type http://domain1.com/domain2folder, I see the domain2's website! But I don't want that to be shown when I use the path like that from domain1. Only if they use domain2.com, user should be able to see those contents. How can I do that? Hope I am making sense. Thanks.

    Read the article

  • How to restrict file system when logged into terminal services

    - by pghcpa
    What I need to accomplish: With one login, when user is physically in the building I need them to see everything. When they are using terminal services with same login they should not be able to see the file system on the network. I can lock down the PC running terminal services as that is its only use. Details: Windows/2003 Server with terminal services. One login for a user (e.g., johndoe). When johndoe logs into the network at his desk in the office, he can see the network files according to group policy. When johndoe logs into terminal services from outside the building, we do not want to allow him see the network. Using 2x to do a published app, but that app has a "feature" that allows user to see network. Published application on termina services (only) is a document management system that is tied to windows login, so I can't give them two logins. With one login, when they are in the building I need them to see everything. When they are using terminal services they should not be able to see the network. I can lock down the PC running terminal services as that is its only use.

    Read the article

  • Restrict VPN user to Remote Desktop only with Sonicwall

    - by Matt
    Basically I want him to only be able to log onto the VPN in order to use Remote Desktop to use HIS machine. Not surf the internet or do anything like that, but just use the programs on his machine that he doesn't have at home. We use a Sonicwall NSA 220 with their regular VPN client. I can create a user for him, but when I create an access rule it applies to all VPN users. How can I make something like that only apply to ONE user?

    Read the article

  • centos iptables, restrict tcp port to specific ips

    - by user788171
    I would like to modify the iptables on my CentOS 5.8 server so that only specific ips can connect to the machine on a specific port. Currently, I have the following in my iptables file: -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 5000 -j ACCEPT How would I modify that line if I wanted to allow access for only ips 1.1.1.1 and 1.1.1.2 for instance? (they might not necessarily be sequential ips when I do this for reals).

    Read the article

  • How Do I Restrict Repository Access via WebSVN?

    - by kaybenleroll
    I have multiple subversion repositories which are served up through Apache 2.2 and WebDAV. They are all located in a central place, and I used this debian-administration.org article as the basis (I dropped the use of the database authentication for a simple htpasswd file though). Since then, I have also started using WebSVN. My issue is that not all users on the system should be able to access the different repositories, and the default setup of WebSVN is to allow anyone who can authenticate. According to the WebSVN documentation, the best way around this is to use subversion's path access system, so I looked to create this, using the AuthzSVNAccessFile directive. When I do this though, I keep getting "403 Forbidden" messages. My files look like the following: I have default policy settings in a file: <Location /svn/> DAV svn SVNParentPath /var/lib/svn/repository Order deny,allow Deny from all </Location> Each repository gets a policy file like below: <Location /svn/sysadmin/> Include /var/lib/svn/conf/default_auth.conf AuthName "Repository for sysadmin" require user joebloggs jimsmith mickmurphy </Location> The default_auth.conf file contains this: SVNParentPath /var/lib/svn/repository AuthType basic AuthUserFile /var/lib/svn/conf/.dav_svn.passwd AuthzSVNAccessFile /var/lib/svn/conf/svnaccess.conf I am not fully sure why I need the second SVNParentPath in default_auth.conf, but I just added that today as I was getting error messages as a result of adding the AuthzSVNAccessFile directive. With a totally permissive access file [/] joebloggs = rw the system worked fine (and was essentially unchanged), but as I soon as I start trying to add any kind of restrictions such as [sysadmin:/] joebloggs = rw instead, I get the 'Permission denied' errors again. The log file entries are: [Thu May 28 10:40:17 2009] [error] [client 89.100.219.180] Access denied: 'joebloggs' GET websvn:/ [Thu May 28 10:40:20 2009] [error] [client 89.100.219.180] Access denied: 'joebloggs' GET svn:/sysadmin What do I need to do to get this to work? Have configured apache wrong, or is my understanding of the svnaccess.conf file incorrect? If I am going about this the wrong way, I have no particular attachment to my overall approach, so feel free to offer alternatives as well. UPDATE (20090528-1600): I attempted to implement this answer, but I still cannot get it to work properly. I know most of the configuration is correct, as I have added [/] joebloggs = rw at the start and 'joebloggs' then has all the correct access. When I try to go repository-specific though, doing something like [/] joebloggs = rw [sysadmin:/] mickmurphy = rw then I got a permission denied error for mickmurphy (joebloggs still works), with an error similar to what I already had previously [Thu May 28 10:40:20 2009] [error] [client 89.100.219.180] Access denied: 'mickmurphy' GET svn:/sysadmin Also, I forgot to explain previously that all my repositories are underneath /var/lib/svn/repository UPDATE (20090529-1245): Still no luck getting this to work, but all the signs seem to be pointing to the issue being with path-access control in subversion not working properly. My assumption is that I have not conf

    Read the article

  • copSHH how to restrict user from going back from there main root

    - by minus4
    I have installed SFTP on a windows servers using copSSH and all is good and it works well however you can go back from the main root. For example when i use C:\copSSH\home{username} as that user i can go back into copSSH and into them directories too. And I have a user setup to actually be C:\inetpub\wwwroot but that user can go into the system and everything i have this set as my path /cygdrive/c/inetpub/wwwroot It would be ideal if the user could only go forward from the start directory, rather than out and about there is no write ability but there is read and download....... thanks

    Read the article

  • Mirror a Dropbox repository in Sharepoint and restrict access

    - by Dan Robson
    I'm looking for an elegant way to solve the following problem: My development team uses Dropbox for sharing documents amongst our immediate group. We'd like to put some of those documents into a SharePoint repository for the larger group to be able to access, as granting Dropbox access to the group at large is not ideal. However, we'd like to continue to be able to propagate changes to the SharePoint site simply by updating the files in Dropbox on our local client machines, and also vice versa - users granted access on SharePoint that update files in that workspace should be able to save their files and the changes should appear automatically on our client PC's. I've already done the organization of the folders so that in Dropbox, there exists a SharePoint folder that looks something like this: SharePoint ----Team --------Restricted Access Folders ----Organization --------Open Access Folders The Dropbox master account and the SharePoint master account are both set up on my file server. Unfortunately, Dropbox doesn't seem to allow syncing of folders anywhere above the \Dropbox\ part of the file system's hierarchy - or all I would have to do is find where the Sharepoint repository is maintained locally, and I'd be golden. So it seems I have to do some sort of 2-way synchronization between the Dropbox folder on the file server and the SharePoint folder on the file server. I messed around with Microsoft SyncToy, but it seems to be lacking in the area of real-time updating - and as much as I love rsync, I've had nothing but bad luck with it on Windows, and again, it has to be kicked off manually or through Task Scheduler - and I just have a feeling if I go down that route, it's only a matter of time before I get conflicts all over the place in either Dropbox, SharePoint, or both. I really want something that's going to watch both folders, and when one item changes, the other automatically updates in "real-time". It's quite possible I'm going down the entirely wrong route, which is why I'm asking the question. For simplicity's sake, I'll restate the goal: To be able to update Dropbox and have it viewable on the SharePoint site, or to update the SharePoint site and have it viewable in Dropbox. And since I'm a SharePoint noob, I'll also need help hiding the "Team" subfolder from everyone not in a specific group in AD.

    Read the article

  • Allow and restrict remote sql server access

    - by Michel
    Hi, I want to expose my sql server instance via the internet. I've been programming asp.net to sql server for a long time, but for the first time i'm hosting the sql server myself instead of the clients server. So what i want to do is move my sql server from my dev machine at home to a virtual server (yet to hire). But of course i don't want anyone to just enter my sql server but just a few persons. So what i was thinking was to allow only a few ip addresses to the sql server instance. Can anyone tell me how i can expose my sql server to the internet and limit the access to the instance to only a few ip addresses? And ehm, if you know even better ways to secure it, i'd be happy, because this is the first time for me :) Michel

    Read the article

  • Editing sudoers file to restrict a user's commands

    - by devin
    Is it possible to edit the sudoers file so a user can use sudo for any command except for a specified one? I reverse is true, I believe, that the sudoers file can be setup so that a user can only execute a given list of commands. EDIT: the commands I really want to take away are halt and reboot... this makes me think there are special system calls for halt and reboot. Can you take system calls away from a user? If not, is it because the unix permission system abstracts over system calls neglecting this?

    Read the article

  • Restrict programs from accessing the Internet

    - by n0v1c3c0d3r
    I have a 256 kbit/s Internet connection. Most often, I find that the browsing speed is too slow. I have to use TCPView (SysInternals) to find out which program is accessing the Internet without my knowledge and terminate it. Previously I was using ZoneAlarm to control Internet access by installed programs. But as it doesn't work for Windows 7, I'm left with no option. Is there any other tool which serves the purpose?

    Read the article

  • php server settings for restrict post queries

    - by Korjavin Ivan
    I have php script on hosting, which receive big data with ajax/post. Just now, after some works on hosting, I see that script is broken. I checked with curl: file temp1: user_avatar=&user_baner=&user_sig=.... 237 chars total, and curl -H "X-Requested-With: XMLHttpRequest" -X POST --data @temp1 'http://host/mypage.php' works perfect. But with file temp2: name=%D0%9C%D0%B5%D0%B1%%B5%D0%BB%D1%8C%D0%A4%%B0%D0%B1%D1%80%D0%B8%D0%BA%D1%8A&user_payed=0000-00-00&...positions%5B5231%5D=on total chars: 65563 curl -H "X-Requested-With: XMLHttpRequest" -X POST --data @temp2 'http://host/mypage.php' curl return nothing. Looks like a problem with apache/php/php.ini or something like that. I check .htaccess php_value post_max_size 20M Which other parameters I should check? Is it possible that %BO encode kill php/apache? Or total number of parameters (about 2800) ?

    Read the article

  • restrict views of custome list by group in sharepoint

    - by Crash893
    Im pretty new to sharepoint and what i would like to do is create a huge master list of all our employees and then make diffrent "views" on that person depending on the persons group for example a new employe might have sallery info security info personel info contract info i would like to have all that in on row (per employee) but then when someone from the hr group logs in they can only see personel and salery or something like that If that is not an option is there a way to link tables across different lists?

    Read the article

  • How Do I Restrict Repository Access via WebSVN?

    - by kaybenleroll
    I have multiple subversion repositories which are served up through Apache 2.2 and WebDAV. They are all located in a central place, and I used this debian-administration.org article as the basis (I dropped the use of the database authentication for a simple htpasswd file though). Since then, I have also started using WebSVN. My issue is that not all users on the system should be able to access the different repositories, and the default setup of WebSVN is to allow anyone who can authenticate. According to the WebSVN documentation, the best way around this is to use subversion's path access system, so I looked to create this, using the AuthzSVNAccessFile directive. When I do this though, I keep getting "403 Forbidden" messages. My files look like the following: I have default policy settings in a file: <Location /svn/> DAV svn SVNParentPath /var/lib/svn/repository Order deny,allow Deny from all </Location> Each repository gets a policy file like below: <Location /svn/sysadmin/> Include /var/lib/svn/conf/default_auth.conf AuthName "Repository for sysadmin" require user joebloggs jimsmith mickmurphy </Location> The default_auth.conf file contains this: SVNParentPath /var/lib/svn/repository AuthType basic AuthUserFile /var/lib/svn/conf/.dav_svn.passwd AuthzSVNAccessFile /var/lib/svn/conf/svnaccess.conf I am not fully sure why I need the second SVNParentPath in default_auth.conf, but I just added that today as I was getting error messages as a result of adding the AuthzSVNAccessFile directive. With a totally permissive access file [/] joebloggs = rw the system worked fine (and was essentially unchanged), but as I soon as I start trying to add any kind of restrictions such as [sysadmin:/] joebloggs = rw instead, I get the 'Permission denied' errors again. The log file entries are: [Thu May 28 10:40:17 2009] [error] [client 89.100.219.180] Access denied: 'joebloggs' GET websvn:/ [Thu May 28 10:40:20 2009] [error] [client 89.100.219.180] Access denied: 'joebloggs' GET svn:/sysadmin What do I need to do to get this to work? Have configured apache wrong, or is my understanding of the svnaccess.conf file incorrect? If I am going about this the wrong way, I have no particular attachment to my overall approach, so feel free to offer alternatives as well. UPDATE (20090528-1600): I attempted to implement this answer, but I still cannot get it to work properly. I know most of the configuration is correct, as I have added [/] joebloggs = rw at the start and 'joebloggs' then has all the correct access. When I try to go repository-specific though, doing something like [/] joebloggs = rw [sysadmin:/] mickmurphy = rw then I got a permission denied error for mickmurphy (joebloggs still works), with an error similar to what I already had previously [Thu May 28 10:40:20 2009] [error] [client 89.100.219.180] Access denied: 'mickmurphy' GET svn:/sysadmin Also, I forgot to explain previously that all my repositories are underneath /var/lib/svn/repository UPDATE (20090529-1245): Still no luck getting this to work, but all the signs seem to be pointing to the issue being with path-access control in subversion not working properly. My assumption is that I have not conf

    Read the article

  • How can I restrict SSH access when the source IP is dynamic

    - by Supratik
    Hi I want to protect SSH access to our live web server from all IP's except our office static IP. There are some employees who connects to this live server from their dynamic IP's. So, it is not always possible for me to change in the iptables rule in live server whenever the dynamic IP of the employee changes. I tried to put them in office VPN and allowed only SSH access from office IP but the office connection is slow in compared to our employee's private internet connection, moreover it adds an extra overhead to our office network. Is there any way I can solve this problem ?

    Read the article

  • FTP restrict user access to a specific folder

    - by Mahdi Ghiasi
    I have created a FTP Site inside IIS 7.5 panel. Now I have access to whole site using administrator username and password. Now, I want to let my friend access a specific folder of that FTP site. (for example, this path: \some\folder\accessible\) I can't create a whole new FTP Site for this purpose, since it says the port is being used by another website. How to create an account for my friend to have access to just an specific folder? P.S: I have read about User Isolation feature of IIS 7.5, but I couldn't find how to create a user just for FTP and set it to a custom path.

    Read the article

  • Restrict access to SSH for one specific user

    - by j0nes
    I am looking for a way to secure my servers with the following setup: I have a server where I can log in via SSH. The main account there (named "foo") is secured by a keybased login with password. I have another user account (named "bar") that I use to log in via cronjobs running on other servers - this one also has keybased login, but without password. Now I want to limit access to this machine for the "bar" account. The account should only be accessible via known IPs. However, the "foo" account should not be affected by this, this one should basically be accessible from any IP. How can I manage this? Or is there a simpler solution to everything?

    Read the article

  • Win2008 - restrict VPN user permissions

    - by Sebas
    Windows 2008 R2 SP1 Foundations file server with no AD, only workgroup sharing some folders, and now a RRAS server. Shared folders are open to everyone in the office (XPs and Sevens) without accounts/passwords, but I was thinking about partially limiting access to the new "VPNuser" account. I'm new to Windows Server and its permissions settings: I thought about denying access to vpnuser through NTFS rights in some folders. It doesn't work, but now I'm guessing that the vpnuser is not considered as a logged user (doesn't appear as such) and is considered a "guest", like the rest of people connecting in the office. I say that because of this: http://social.technet.microsoft.com/Forums/windowsserver/en-US/ff6d3726-ff41-4d3f-9d97-5361af0206dd/vpn-users-on-server-shows-as-guest?forum=winserverNIS Also, because when I create a txt file using the VPN connection, owner field shows in description as "guest". Am I right? How can I set different rights for the VPNuser from the rest of "guest" users in the office?

    Read the article

  • Apache - Restrict to IP not working.

    - by Probocop
    Hi, I've a subdomain that I only want to be accessible internally; I'm trying to achieve this in Apache by editing the VirtualHost block for that domain. Can anybody see where I'm going wrong? Note, my internal IP address here are 192.168.10.xxx. My code is as follows: <VirtualHost *:80> ServerName test.epiphanydev2.co.uk DocumentRoot /var/www/test ErrorLog /var/log/apache2/error_test_co_uk.log LogLevel warn CustomLog /var/log/apache2/access_test_co_uk.log combined <Directory /var/www/test> Order allow,deny Allow from 192.168.10.0/24 Allow from 127 </Directory> </VirtualHost> Thanks

    Read the article

  • Fortigate restrict traffic through one external IP

    - by Tom O'Connor
    I've got a fortigate 400A at a client's site. They've got a /26 from British Telecom, and we're using 4 of those IPs as a NAT Pool. Is there a way to say that traffic from 172.18.4.40-45 can only ever come out of (and hence go back into) x.x.x.140 as the external IP? We're having some problems with SIP which looks like it's coming out of one, and trying to go back into another. I tried enabling asymmetric routing, didn't work. I tried setting a VIP, but even when I did that, it didn't appear to do anything. Any ideas? I can probably post some firewall snippets if need be.. Tell me what you want to see. SIP ALG config system settings set sip-helper disable set sip-nat-trace disable set sip-tcp-port 5061 set sip-udp-port 5061 set multicast-forward enable end Interesting Sidenote VoIP phones, with no special configuration can register fine to proxy.sipgate.co.uk, which has an IP address of 217.10.79.16. Which is cool. Two phones are using a different provider, whose proxy IP address is 178.255.x.x. These phones can register for outbound, but inbound INVITEs never make it to the phone. Is it possible that the Fortigate is having trouble with 178.255.x.x as it's got a 255 in it? Or am I just imagining things?

    Read the article

  • restrict access to IIS virtual directory from root website

    - by senthilkumar-c
    Hi, I have two domains (domain1.com and domain2.com). Both of them use the same Windows hosting service with IIS7. One of the domains is being called the "primary domain" by my hosting provider and it always points to the root folder that I was given. For the other domain, I have created a virtual directory in IIS and pointed it there. The folder structure is like this - root --Default.aspx --domain2folder ----Default.aspx So, if I type domain1.com, I see the regulakr Default.aspx. But if I type domain2.com, I am shown the contents of domain2folder as if it were a separate web application - I think that is what IIS virtual directory is meant for. Well and good. But the problem is, when I type http://domain1.com/domain2folder/, I see the domain2's website! But I don't want that to be shown when I use the path like that from domain1. Only if they use domain2.com, user should be able to see those contents. How can I do that? Hope I am making sense. Thanks.

    Read the article

  • Restrict Administrators from changing system time - Windows XP machines (no domain)

    - by user72128
    I need to write a script that will remove all users under Local Computer Policy > Computer Configuration > Windows Settings > Security Settings > User Rights Assignment > Change the system time from the local group policy (gpedit.msc) on all Windows XP machines. These machines are not on the domain. I DO have a way to distribute and run the script automatically. Can someone point me in the right direction for creating a script like this?

    Read the article

  • Restrict access to one SVN repository (overwrite default)

    - by teel
    I'm trying to set up our SVN server so that by default the group developers will have access to all repositories, but I want to override that setting on some certain repositories where I want to allow access only to single defined users (or separate groups) The current configuration is SVN + WebDAV on Apache2. All my repositories are located at /var/lib/svn/ In dav_svn.authz I currently have [/] @developers = rw @users = r Now I want to add one repository (let's call it secret_repo) that would only allow access to one user who is also a member of the developers group.¨ I tried to do [secret_repo:/] * = secret_user = rw Where secret_user is the user I'd like to give access to the repository, but it doesn't seem to work. Currently the server is using Apache's LDAP module to authenticate users from our active directory domain and I'd like to keep it that way if possible. Also I seem to be able to browse all my repos freely with any web browser, which I'd like to block. Second problem is that I have webSVN on the server, which is using Apache's LDAP authentication. Everyone who is a member of our domain can access it, so I'd like to hide this secret_repo from websvn listing. It's configured not with parentPath("/var/lib/svn");. Do I really need to remove that and add every repository separately, except the ones I want to hide?

    Read the article

  • Restrict only some plugins to specific sites in Google Chrome

    - by Christian
    I am looking for a way to set up Google Chrome so that it will run a certain plug-in (Java, what else?) only on whitelisted sites, but other plug-ins (like the PDF viewer) everywhere. From playing with the policies available for Chrome, I think there are basically two levels of plug-in management: List of disabled plugins/enabled plugins: Controls whether a plug-in exists for the browser at all This pair of policies applies to plug-ins, but not to sites. Default plug-in settings/Allow plug-ins on sites: Controls on which sites plug-ins can run This set of policies applies to sites, but not to individual plugins, and it cannot override the first pair. There appears to be no way to configure Chrome so that some plug-ins only run on whitelisted sites, but others run everywhere by default. I have also looked at filtering content on the firewall/proxy level, but I'm not convinced it can be done securely there. Filtering by URLs (file names) or content types can be circumvented trivially, and identification by content inspection cannot be safe either.

    Read the article

  • Restrict Apache to only allow access using SSL for some directories

    - by DrStalker
    I have an Apache 2.2 server with an SSL certificate hosting several services that should be only access using SSL. ie: https://myserver.com/topsecret/ should be allowed while http://myserver.com/topsecret/ should be either denied or, ideally, redirected to https. http://myserver.com/public should not have this restriction, and should work using either http or https. The decision to allow/deny http is made at the top level directory, and affects all content underneath it. Is there a directive that can be placed in the Apache config to retrict access in this manner?

    Read the article

< Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >