Snort mailing list archives
Re: (no subject)
From: wkitty42--- via Snort-users <snort-users () lists snort org>
Date: Thu, 15 Nov 2018 14:57:10 -0500
On 11/15/18 10:42 AM, zally Jazmin Leon Reyes via Snort-users wrote:
Hello😃 Install Snort to run it as NIDS, along with Barnyard2, MySQL, PulledPork, BASE (GUI-Web) in Ubuntu 14. I would like the BASE web interface to request a username and password to access the information, does anyone have any idea how to enable this option? Since if it is free any person that is in the network can manipulate it, now I have using it from this menera freely attached the imegen. Thank you very much in advance for the help.
i don't run base so i don't know what options it offers in its configuration... but if base offers such, that's where you'd find it...
if i were in your position and since i know apache, i'd use apache's access permissions to even get into the base directory... i don't know how other html servers would do this if they even offer this capability... this is not base popping up this access dialog... it is the web server...
another option would be directory container definitions in the web server configs or in the directory's .htaccess file... in apache, you can allow access to only certain IP numbers as a restriction to access a container... so select the few allowed IP numbers and list them in the base directory's directory container definition... you will likely need to create that container definition in the first place... it may be allowed in the individual directory's .htaccess but i don't recall off hand and leave it to interested parties to look that up...
possibly one could use rewrite rules, as well... that's another server option that would be used via .htaccess... they can also filter by ip number and redirect to another page when access is denied...
this is all server side stuff so you need to get friendly with your web server's documentation ;)
-- NOTE: No off-list assistance is given without prior approval. *Please keep mailing list traffic on the list unless* *a signed and pre-paid contract is in effect with us.* _______________________________________________ Snort-users mailing list Snort-users () lists snort org Go to this URL to change user options or unsubscribe: https://lists.snort.org/mailman/listinfo/snort-users To unsubscribe, send an email to: snort-users-leave () lists snort org Please visit http://blog.snort.org to stay current on all the latest Snort news! Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette
Current thread:
- (no subject) susan akam via Snort-users (Oct 02)
- <Possible follow-ups>
- (no subject) Mirko Orlandelli via Snort-users (Oct 04)
- (no subject) Mirko Orlandelli via Snort-users (Oct 19)
- (no subject) Mirko Orlandelli via Snort-users (Oct 20)
- (no subject) zally Jazmin Leon Reyes via Snort-users (Nov 15)
- Re: (no subject) wkitty42--- via Snort-users (Nov 15)
- (no subject) zally Jazmin Leon Reyes via Snort-users (Nov 17)
- Re: (no subject) Sujit Ghosal via Snort-users (Nov 18)