LinuxGuruz
  • Last 5 Forum Topics
    Replies
    Views
    Last post


The Web Only This Site
  • BOOKMARK

  • ADD TO FAVORITES

  • REFERENCES


  • MARC

    Mailing list ARChives
    - Search by -
     Subjects
     Authors
     Bodies





    FOLDOC

    Computing Dictionary




  • Text Link Ads






  • LINUX man pages
  • Linux Man Page Viewer


    The following form allows you to view linux man pages.

    Command:

    upsset.conf

    
    
    

    DESCRIPTION

           This file only does one job--it lets you convince upsset.cgi(8) that
           your system's CGI directory is secure. The program will not run until
           this file has been properly defined.
    
    
    

    SECURITY REQUIREMENTS

           upsset.cgi(8) allows you to try login name and password combinations.
           There is no rate limiting, as the program shuts down between every
           request. Such is the nature of CGI programs.
    
           Normally, attackers would not be able to access your upsd(8) server
           directly as it would be protected by the LISTEN directives in your
           upsd.conf(5) file, tcp-wrappers (if available when NUT was built), and
           hopefully local firewall settings in your OS.
    
           upsset runs on your web server, so upsd will see it as a connection
           from a host on an internal network. It doesn't know that the connection
           is actually coming from someone on the outside. This is why you must
           secure it.
    
           On Apache, you can use the .htaccess file or put the directives in your
           httpd.conf. It looks something like this, assuming the .htaccess
           method:
    
               <Files upsset.cgi>
               deny from all
               allow from your.network.addresses
               </Files>
    
           You will probably have to set "AllowOverride Limit" for this directory
           in your server-level configuration file as well.
    
           If this doesn't make sense, then stop reading and leave this program
           alone. It's not something you absolutely need to have anyway.
    
           Assuming you have all this done, and it actually works (test it!), then
           you may add the following directive to this file:
    
               I_HAVE_SECURED_MY_CGI_DIRECTORY
    
           If you lie to the program and someone beats on your upsd through your
           web server, don't blame me.
    
    
    

    SEE ALSO

           upsset.cgi(8)
    
       Internet resources:
           The NUT (Network UPS Tools) home page: http://www.networkupstools.org/
    
    
    

    Network UPS Tools 10/09/2011 UPSSET.CONF(5)

    
    
  • MORE RESOURCE


  • Linux

    The Distributions





    Linux

    The Software





    Linux

    The News



  • MARKETING






  • Toll Free

webmaster@linuxguruz.com
Copyright © 1999 - 2016 by LinuxGuruz