Powered by Blogger.

Zimbra Tips: How To Protect Policyd WebUI

Still talking about Policyd. When you access policyd webui, it’s not asking username and password. So, everyone can access policyd configuration via webui. To protect policyd webui, we can use three ways. First, we can stopping Apache service Zimbra with zmapachectl stop. Second, we can use firewall to protect and third, we can use login username and password with htaccess. From three options available, i am recommended to using third option. This is how to protect policyd webui using username and password with htaccess.

1.cd /opt/zimbra/cbpolicyd/share/webui/
2.vi .htaccess

fill with the following lines

1.AuthUserFile /opt/zimbra/cbpolicyd/share/webui/.htpasswd
2.AuthGroupFile /dev/null
3.AuthName "User and Password"
4.AuthType Basic
7.require valid-user

create htpasswd file, username and password

1.touch .htpasswd
2./opt/zimbra/httpd/bin/htpasswd -cb .htpasswd USERNAME PASSWORD

change username and password with username/password do you want. Edit httpd.conf Apache Zimbra

1.vi /opt/zimbra/conf/httpd.conf

add the following configuration at the bottom

1.Alias /webui /opt/zimbra/cbpolicyd/share/webui/
2.</Directory /opt/zimbra/cbpolicyd/share/webui/>
3.# Comment out the following 3 lines to make web ui accessible from anywhere
4.AllowOverride AuthConfig
5.Order Deny,Allow
6.Allow from all

Restart Apache Zimbra service

1.su - zimbra -c "zmapachectl restart"
    Blogger Comment
    Facebook Comment