Integrating dotDefender with suEXEC
Posted by - NA - on 29 July 2009 04:55 PM
- Execute the suexec.sh script found in the directory: /usr/local/APPCure/integration/. The script creates a directory under the DocumentRoot of a specified site. This directory will include files and links to the dotDefender GUI directory. Execute the script in the following format:
sh ./suexec.sh web_interface_dir suexec_user suexec_group
web_interface_dir - Path to directory to be created by script under DocumentRoot of one of the sites configured in the apache web
suexec_user - The user configured under SuexecUserGroup directive which belongs to the defined site .
suexec_group - The group configured under SuexecUserGroup directive that belongs to the defined site.
Example: If DocumentRoot=/var/www/html/ and SuexecUserGroup is www www
The script could be executed as follows:
sh ./suexec.sh /var/www/html/dDAdmin/ www www
- Copy the content of the dotDefender.conf file (Which will be created in web_interface_dir) to your Apache configuration file (httpd.conf), and
restart Apache. If you are not sure where in the Apache configuration file to add the content, simply add it to the end of the file.
Now you can manage dotDefender through http://site/web_interface_dir/
It is strongly recommended to limit the access to this directory to specific IP addresses and secure it with a password through apache directives
(AuthName, AuthType, Allow from).
- Add a White-list rule to allow all requests originating from the dotDefender Admin panel:
- Open the dotDefender Admin panel using the URL which was configured in paragraph 2. For example: http://www.site.com/dDAdmin/
- Open the profile for the site by clicking the Settings button. If the site is set to "Use Default" operating mode, open the Default Profile.
- Select the white-page Edit icon in the Whitelist (Permitted Access List) category
- From the bottom dropdown menu, starting from the left, select "SecFilterSelective" and "Request_URI" and type the URI for the dotDefender
Admin panel in the Keyword field. For example: ^/dDAdmin. In the Action field, select "Allow", in the Log Level field, select "No Log" and click
- Click the Index icon to return to the main page and click the Refresh Settings button for changes to take effect.