I added the user from user management but I don't know what to do further how to check?
I am expecting to user don't access public html folder.
User will be able to access the public html folder, if they are accessing it through cPanel. Unfortunately, there is no way around this as phpMyAdmin is secured with cPanel authentication.
However, you could install your own phpMyAdmin on your domain and provide access through it. You can find more information about how to do it here.
Related
I use current stable version of Nextcloud (nextcloud docker image). I want to disable an authentication window when user enter the site. Is it possible? I found only anonymous upload feature in official doc.
Nextcloud is build around the concept that each user has it's personal (cloud) folder where he can upload, edit and share files. Therefore you cannot access the "normal" user interface without a log in.
However it is possible for any user to share files/folders via a link and allow editing of them without login:
https://docs.nextcloud.com/server/latest/user_manual/en/files/sharing.html#public-link-shares
https://docs.nextcloud.com/server/latest/admin_manual/configuration_files/file_sharing_configuration.html
But just in case you rally want to give all anonymous visitors of your Nextcloud instance the option to upload and edit files anonymously, here is a possible solution:
Create a folder anonymous with your admin account
Share it via link and allow editing
In your admin settings, go towards Theming: https://your-domain.com/settings/admin/theming
Set Anonymous Usage as Name and your shared link as Web link
Now if you log out and access your Nextcloud instance, you'll see a link at the very bottom called Anonymous Usage that you (and your clients) can follow to upload files/folders or edit existing ones. All files uploaded via that link will be stored inside the anonymous folder and will be owned by your admin account. So make sure to set the storage quota on that account high enough.
Be ware that
by visiting your Nextcloud instance anyone could delete all files inside anonymous as he doesn't need to authenticate himself.
the visitors are not fully anonymous, as there are probably some log files of Nextcloud and your Webserver with their IP addresses.
I am trying to find out how secure this scenario would be.
I have a directory which I do not want anybody to ever be able to access or download the encrypted log files within the directory.
I have this directory protected by .htaccess basic authentication.
I have not set a username and password for the directory.
I have ssh key setup for my ftp client and have disabled ftp so nobody could get through to download this directory via ftp.
Since a brute force attack will not work on the directory because there are no credentials set, would this be considered a locked directory without a key and impenetrable?
If not, how would someone penetrate the directory other then guessing cpanel credentials?
Thank you for the advice.
I'll preface this by saying I'm very new to working with webservers, so hopefully this is not a drop-dead simple issue - but I've yet to find a solution for creating an email account for my domain.
I was trying to create a new email address under my webserver domain due to purchasing an SSL certificate. I'm using www.ssls.com to provide the cert, and the final step is to provide an email account for the approver email to receive the cert. However, I can only choose to send the cert to a list of generic emails on my domain, such as admin#my_domain_name.com. This seemed like a straightforward issue, but have yet to find a solution to create a new user account/email to receive the certificate.
I tried using the Bitnami document to add Webmin to my webserver to manage emails, but I seem to be getting issues accessing the files under etc/webmin/apache due to permission issues, even though I'm logging into as the root user.
Am I missing something extremely simple in this process? It seems like setting up an email on the domain should be a relatively straightforward process, but I've yet to find a way to do this. The webserver is hosted on Azure using the Bitnami LAMP stack and Apache.
Any advice would be greatly appreciated.
Bitnami developer here.
Your domain provider probably gave you an email address like admin#yoursite.com. You should check with them.
You could also try to enter to your provider admin panel and see if you can configure your email.
I have a VPS server with WHM and cpanel.
We have a few password protected directories(defined in cpanel). We wish that whenever a user logs in to one of them, we will get an instant email.
Possible?
Thanks
Well, you could use the mail() function in PHP on your index.php. Other than that, it isn't possible unfortunately.
I have a website on Win 2008 and IIS7. Some directories have admin specific pages and I don't want regular site users to be able to access them.
What I would like is, if the user tries to load a page from a specific directory, for the site to popup a windows authentication window if the user has not not already authenticated.
Can this be done? Preferably just by setting web.config keys?
Yes, use <location></location> tags to override the current IIS settings at that level and set new ones.
Reference: http://msdn.microsoft.com/en-us/library/b6x6shw7(v=vs.100).aspx