Jump to content
mstuart

Securing Revive

Recommended Posts

An alternative to creating a password level protection to the admin folder would be to block all access to the admin area to all except for a few ip address.

 

This would be in a file called ".htaccess" (or in the httpd.conf) in the www/admin folder

 

It would look something like this

 

<IfModule mod_rewrite.c>
RewriteEngine On

#####IP Lockdown to prevent Unauthorised access from unauthorised IP

RewriteCond %{REQUEST_URI} !/www/admin/unauthorised.html
RewriteCond %{REMOTE_HOST} !^your\.ip\.addr\.ess

RewriteCond %{REMOTE_HOST} !^your\.ip\.addr\.ess

RewriteCond %{REMOTE_HOST} !^your\.ip\.addr\.ess

RewriteCond %{REMOTE_HOST} !^your\.ip\.addr\.ess

RewriteCond %{REMOTE_HOST} !^your\.ip\.addr\.ess
RewriteRule $ /www/admin/unauthorised.html [R=404,L]

</IfModule>

Explaination

  • This requires the mod_rewrite to be enabled
  • RewriteCond is the condition in which you will be redirected to the rule
  • Remote host is the ip
  • ! - signifiys not this ip address
  • and the rewriterule is to a page to display as a result.

 

 

 

The pros:

 

You are whitelisting ip addresses that can have access. This works well if you have a fixed ip in an office/home.

 

If you have a dynamic address though, then you would need to read documentation on the rewrite rule to see if you can include a dyndns in wome way. I have not found out how to do this successfully yet.

 

The cons:

 

You could inadvertently lock yourself/or other uses out. Probably not good for everybody using this.

 

Potential

 

I guess you could mask the fact that adserver is even installed if you did something with referers but if you have many there again, won't be feasible for everyone.

Share this post


Link to post
Share on other sites

Is there a way to enable logging of sign-in attempts (both good and bad)?   I want a log file to use with fail2ban to lock out bad actors.

 

Update: Since Revive offers no built-in logging for admin access I added a few lines myself to log failed attempts.

Edited by Neurogami
Updated info

Share this post


Link to post
Share on other sites

I run fail2ban to check logs fro a number of sites I host.   There is constant URL sniffing, where I see attempts to access files with names such as admin.php, administrator.php, and the like. 

That the typical software installation uses common, well-known names is a problem.    For one app (a different ad server) I renamed assorted files; I could then watch for 404 errors on failed attempts when bots tried to find files.  The renaming preocess was qite tedious; I had to check all the app files and careful rename hard-coded references to assorted admin pages.

I'm thinking of doing the same for Revive.  Any ideas on the down-side to doing this?  What I really want to do is change the path "www/admin" to something else.  Then have fail2ban look for any attempt to access files using the wrong path.

 

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.




×
×
  • Create New...