[pmwiki-users] How to restrict auth to secure connections

Daniel Rubin Daniel.Frederik.Rubin at scai.fraunhofer.de
Tue Aug 22 04:53:09 CDT 2006


Patrick R. Michaud wrote:
> On Fri, Aug 18, 2006 at 12:41:11PM +0100, Ian Barton wrote:
> 
>>  I'd like to restrict authentication to my wiki such that
>>
>>>  * login is only permitted from connections via https or from
>>>    the local network
>>>  * the authentication form is also only shown under these
>>>    circumstances.
>>>
>>
>>Is there a particular reason that you can't make the whole site https 
>>only? I am setting up a site where I need part of the site to be 
>>accessible only to authorised users via https. After a few experiments I 
>>decided it was simpler to make the whole site https only.
> 
> 
> It is far simpler and safer to make the site https only, but it can 
> also be a lot more expensive on the server.
> 
> Pm

Good thoughts.  The main motivation to keep the plain http access is to 
have the feel of a more "public" site (for readers).
But you're right: If there's no really _simple_ solution to block out 
undesired authorization, I'll probably restrict the whole thing to 
https-access.
Thank you for sharing your thoughts.

----Daniel
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Daniel.Frederik.Rubin.vcf
Type: text/x-vcard
Size: 310 bytes
Desc: not available
Url : /pipermail/pmwiki-users/attachments/20060822/8d27f30b/attachment.vcf 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3775 bytes
Desc: S/MIME Cryptographic Signature
Url : /pipermail/pmwiki-users/attachments/20060822/8d27f30b/attachment.bin 


More information about the pmwiki-users mailing list