How to Edit the ApacheAdmin Configuration File to Protect Against Possible Security Vulnerability on NetWare 6.5

How to Edit the ApacheAdmin Configuration File to Protect Against Possible Security Vulnerability on NetWare 6.5

TID 7001907 gives details about a potential security vulnerability with Apache, or more specifically ApacheAdmin, on NetWare 6.5 after you''ve installed an OES2 Linux server into the same tree.



However there seems to (currently) be some ambiguity about the actual cause and suggested fix.



Whilst you can use FILTCFG to restrict access to port 2200 (see my other article) this might be too restrictive since other services also use port 2200.



Fortunately it's possible to modify the Apache configuration file that is used to configure ApacheAdmin on a NetWare server.




  1. edit sys:/adminsrv/webapps/apacheadmin/web-inf/apadmin-apache.conf

  2. find the <Directory "SYS:/adminsrv/webapps/apacheadmin"> section

  3. change Allow from all to Allow from network/netmask where network/netmask is the network you want to allow access from


Note: If you want to allow access from more than one network/netmask just add additional Allow from ... lines.
Labels (1)

DISCLAIMER:

Some content on Community Tips & Information pages is not officially supported by Micro Focus. Please refer to our Terms of Use for more detail.
Top Contributors
Version history
Revision #:
1 of 1
Last update:
‎2009-02-03 20:03
Updated by:
 
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.