Task #362
closed
Limit HTTP Method on accounting-d4s.d4science.org
100%
Description
Only HTTP PUT Method should be allowed on accounting-d4s.d4science.org:5984 for the whole internet.
All the other HTTP methods for the moment must be allowed only for ISTI infrastructure. As soon as the Accounting will be fully operational, as Andrea Dell'Amico suggested we can use a different hostname for that machine and allow the access only from a limited predefined number of host (e.g. portals, ISTI network).
Related issues
Updated by Andrea Dell'Amico almost 10 years ago
Do you need this now? It can be done putting an haproxy instance in front of couchdb, and that's the plan for the production release.
I don't remember anything about the hostname change, btw.
Updated by Luca Frosini almost 10 years ago
No, I don't need it now. It is not urgent.
We discussed about to have only the PUT method accessible from everywhere for accounting-d4s.d4science.org URL and using a a different hostname (with the same haproxy instance or with a different one in different machine) for the whole CouchDB functionality (web access for admin as well).
I think this should be done when we will have a cluster and haproxy installed.
I opened a ticket just as reminder for both.
Updated by Luca Frosini over 9 years ago
- Due date changed from Sep 30, 2015 to Oct 16, 2015
Updated by Luca Frosini over 9 years ago
- Subject changed from Limit HTTP Method on accounting-d4s.d4science.org:5984 to Limit HTTP Method on accounting-d4s.d4science.org
- Due date changed from Oct 16, 2015 to Dec 31, 2015
To start to work on this we need to synchronization.
Updated by Luca Frosini over 9 years ago
- Blocked by Task #1265: Limit HTTP Method on accounting-d-d4s.d4science.org added
Updated by Luca Frosini over 9 years ago
- Target version changed from zz - Accouting Facility to Enhance Accounting Security
Updated by Luca Frosini over 9 years ago
- Due date changed from Dec 31, 2015 to Jan 31, 2016
Updated by Luca Frosini almost 9 years ago
- Status changed from New to In Progress
Updated by Luca Frosini almost 9 years ago
- Assignee changed from _InfraScience Systems Engineer to Luca Frosini
Updated by Luca Frosini almost 9 years ago
- Due date changed from Jan 31, 2016 to Dec 31, 2016
Updated by Luca Frosini almost 9 years ago
- Assignee changed from Luca Frosini to _InfraScience Systems Engineer
Updated by Luca Frosini almost 9 years ago
- Status changed from In Progress to Rejected
Updated by Luca Frosini almost 9 years ago
The accounting is switching to CouchBase so the ticket became invalid. For this reason I set to Rejected
Updated by Luca Frosini over 8 years ago
- Status changed from Rejected to Closed
