Table of Contents
This document applies only to the SME Server V5.
With the SME Server V5, we added the ability to access the server manager remotely through a regular web browser using SSL encryption (also known as HTTPS).
A few notes before the process is outlined:
HTTPS access to the manager and password panel are always available from all configured local (internal) networks. Extra external IPs and/or networks/masks can be added through process outlined below.
In all cases, the user must enter the username admin and your system password in order to be authenticated and gain access to the server manager.
There is no manager option to set the ValidFrom property outlined below at this stage. All configuration is from the Linux command line.
The ValidFrom property affects remote access to both the server manager and also the password panel where users can change their password.
To enable SSL access to the server manager, follow the steps outlined below.
Set the properties of httpd-admin with a list of valid addresses. (Examples shown below.)
/sbin/e-smith/db configuration setprop httpd-admin ValidFrom IP/Subnet[,IP/Subnet] |
Expand the httpd.conf templates:
/sbin/e-smith/expand-template /etc/httpd/conf/httpd.conf |
/etc/e-smith/events/actions/restart-httpd-graceful |
Access the server manager from the remote system using the full domain name and the regular url (make sure to use https):
https://www.mydomain.xxx/server-manager |
If you only want to allow remote access from a single IP address, use:
/sbin/e-smith/db configuration setprop httpd-admin ValidFrom 10.123.54.24 |
If you want to allow remote access from a small number of individual IP addresses, use:
/sbin/e-smith/db configuration setprop httpd-admin ValidFrom 10.123.54.24,10.123.54.25,192.168.120.51 |
If you wish to allow remote access from a range of IP addresses that can be addressed using an appropriate subnet mask[1], use:
/sbin/e-smith/db configuration setprop httpd-admin ValidFrom 192.168.100.0/255.255.255.0 |
If there are several ranges that you wish to allow, you can combine them on a single line as follows:
/sbin/e-smith/db configuration setprop httpd-admin ValidFrom 10.114.200.0/255.255.255.0,192.168.145.88/255.255.255.248 |
To disable SSL access to the server manager, follow the steps outlined below.
Delete the ValidFrom property for httpd-admin from the configuration database:
/sbin/e-smith/db configuration delprop httpd-admin ValidFrom |
Expand the httpd.conf template:
/sbin/e-smith/expand-template /etc/httpd/conf/httpd.conf |
/etc/e-smith/events/actions/restart-httpd-graceful |
All attempts to connect to the server manager from the external network should now be refused.
Please send any comments about this document to documentation@e-smith.com.
$Revision: 1.8 $ $Date: 2001/10/23 19:59:23 $
[1] It is also possible to use CIDR notation for subnets where 192.168.120.0/24 would be used instead of 192.168.120.0/255.255.255.0. Both forms are supported.