2010-03-25 23:20:59 +00:00
|
|
|
# Network UPS Tools - upsset.conf sample file
|
|
|
|
#
|
|
|
|
# This file is provided to ensure that you do not expose your upsd server
|
|
|
|
# to the world upon installing the CGI programs. Specifically, it keeps
|
2022-06-29 10:37:36 +00:00
|
|
|
# the upsset.cgi program from running until you have assured it that you
|
2010-03-25 23:20:59 +00:00
|
|
|
# have secured your web server's CGI directory.
|
|
|
|
#
|
|
|
|
# By default, your web server will probably let anyone access upsset.cgi
|
|
|
|
# once it is installed. This means that anyone could attempt to crack
|
2022-06-29 10:37:36 +00:00
|
|
|
# upsd logins since they would appear to be coming from your web server,
|
2010-03-25 23:20:59 +00:00
|
|
|
# rather than the outside world, slipping through any ACL/ACCESS definitions.
|
|
|
|
#
|
|
|
|
# For this reason, you *MUST* first secure your CGI programs before
|
|
|
|
# enabling upsset in this configuration file. If you can't do this in
|
|
|
|
# your web server, then you should *not* run this program.
|
|
|
|
#
|
|
|
|
# For Apache, the .htaccess file can be used in the directory with the
|
|
|
|
# programs. You'll need something like this:
|
|
|
|
#
|
2022-06-29 10:37:36 +00:00
|
|
|
# <Files upsset.cgi>
|
|
|
|
# deny from all
|
|
|
|
# allow from your.network.addresses
|
|
|
|
# </Files>
|
2010-03-25 23:20:59 +00:00
|
|
|
#
|
|
|
|
# You will probably have to set "AllowOverride Limit" for this directory in
|
|
|
|
# your server-level configuration file as well.
|
|
|
|
#
|
|
|
|
# If this doesn't make sense, then stop reading and leave this program alone.
|
|
|
|
#
|
2022-06-29 10:37:36 +00:00
|
|
|
# Assuming you have all this done (and it works), then you may uncomment
|
2010-03-25 23:20:59 +00:00
|
|
|
# the line below and start using upsset.cgi through your web browser.
|
|
|
|
#
|
|
|
|
|
|
|
|
###
|
|
|
|
### I_HAVE_SECURED_MY_CGI_DIRECTORY
|
|
|
|
###
|