[pmwiki-users] How to restrict auth to secure connections

Michael Brenner mik.admin at nurfuerspam.de
Thu Aug 17 04:59:27 CDT 2006


Hello Daniel,
NOT A SOLUTION, just to think about, this code rewrites urls to https(always). 
Maybe you put this into a special condition like "if (authform requested)..."

config.php
...
$ScriptUrl = 'https://'.$_SERVER['HTTP_HOST'].$_SERVER['SCRIPT_NAME'];
$PubDirUrl = preg_replace('#/[^/]*$#','/pub',$ScriptUrl,1);
...
$UploadDir = preg_replace('#/[^/]*$#','/uploads',
$_SERVER['SCRIPT_FILENAME'],1); //???
$UploadUrlFmt = preg_replace('#/[^/]*$#','/uploads',$ScriptUrl,1);;
...

keep in mind of sideeffects!
found this on internetsearch, you may try to ask me questions about this but 
don't expect to much.

hope this help - mik

Am Donnerstag, 17. August 2006 10:27 schrieb Daniel Rubin:
> Greetings, everyone.
>
> I'd like to restrict authentication to my wiki such that
>    * login is only permitted from connections via https or from
>      the local network
>    * the authentication form is also only shown under these
>      circumstances.
>
> Which is the best way to achieve this?
> I'm using pmwiki-2.1.11 with AuthUser (with htpasswd file), served by an
> Apache on a linux box.
>
> I'll be grateful for any good advice, hints or suggestions.
>
> Have fun,
> ----Daniel




More information about the pmwiki-users mailing list