THIS COULD OPEN YOU UP TO POTENTIAL HACKS
The file you want to edit is at
/tmp/allow.conf
To allow any IP access to the dashboard, edit the file to
<Directory /var/www/UI>
Order Allow,Deny
Allow from all</Directory
Stop and start the apache server
MyBookLive:~# /etc/init.d/apache2 stop
8518: old priority 0, new priority 0
Stopping web server: apache2 ... waiting .
MyBookLive:~# /etc/init.d/apache2 start
8576: old priority 0, new priority 0
Starting web server: apache2.
Make sure you have a secure dashboard password set
Who knows what kinda hacks this can open you up to
For more information
http://library.linode.com/web-servers/apache/configuration/rule-based-access-control
I didn’t have any luck with the following, but you might. Obviously you would change the 22.22. to whatever the IP address of the machine you would be accessing the MBL from has. 192.168. needs to be left there for local access
<Directory /var/www/UI>
Order Deny,Allow
Deny from allAllow from 192.168.
Allow from 22.22.
</Directory>
Stop and start the apache server
MyBookLive:~# /etc/init.d/apache2 stop
8518: old priority 0, new priority 0
Stopping web server: apache2 ... waiting .
MyBookLive:~# /etc/init.d/apache2 start
8576: old priority 0, new priority 0
Starting web server: apache2.
TAKEN FROM THE ABOVE LINK
To parse this in more simple terms:
- The “Order Deny,Allow” directive tells the web server that “Deny” rules should be processed before Allow rules.
- The “Deny from all” directive tells the web server that all users should be denied access to the given resource. This rule is processed first.
- The “Allow from” directive tells the web server that requests originating at the IP address “22.22.*.*” should be allowed. This is processed last, and represents an exception to the “Deny from all” rule.
In short, all hosts except for 192.168.*.* and 22.22.*.* are denied access to this resource.
Alternatively you could edit the section in red for the file wd-nas
/etc/apache2/sites-available/wd-nas
<VirtualHost *:80>
ServerAdmin webmaster@localhost
DocumentRoot /var/www/
<IfModule mod_rewrite.c>
RewriteLog /var/log/apache2/rewrite.log
RewriteLogLevel 0
RewriteEngine On
# address-only access redirected to User Interface
# RewriteRule ^/$ /UI/ [R]
# relocate UI
# relocate administrative REST
RewriteRule ^/api/1.0/rest/(.*) /Admin/webapp/htdocs/api/1.0/rest/index.php [L]
</IfModule>
<IfModule mod_rewrite.c>
# configure landing page for webdav applet
RewriteRule ^/LandingPage /Admin/webapp/htdocs/securityCheck.php [L,R]
</IfModule>
# additional environment variables to pass to CGI and SSI
# any way to use DocumentRoot/DOCUMENT_ROOT???
SetEnv __ADMIN_API_ROOT /var/www/Admin
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/>
Options -Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
# block application folders from being served
<Directory /var/www/Admin/webapp/config/>
Order deny,allow
Deny from all
</Directory>
<Directory /var/www/Admin/webapp/classes/>
Order deny,allow
Deny from all
</Directory>
<Directory /var/www/Admin/webapp/includes/>
Order deny,allow
Deny from all
</Directory>
<Directory "/var/www/UI/app/webroot/">
RewriteEngine On
RewriteBase /UI/
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ index.php?url=$1 [QSA,L]
</Directory>
# comment this line if remote WebUI access is needed (WAN access)
Include /tmp/allow.conf
<Directory "/var/www/UI">
RewriteEngine on
RewriteBase /UI/
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^$ app/webroot/
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule (.*) app/webroot/$1 [L]
php_value memory_limit 1G
</Directory>
### unused at this time
### ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
### <Directory "/usr/lib/cgi-bin">
### AllowOverride None
### Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
### Order allow,deny
### Allow from all
### </Directory>
ErrorLog /var/log/apache2/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
###CustomLog /var/log/apache2/access.log combined
### not used at this time
### Alias /doc/ "/usr/share/doc/"
### <Directory "/usr/share/doc/">
### Options Indexes MultiViews FollowSymLinks
### AllowOverride None
### Order deny,allow
### Deny from all
### Allow from 127.0.0.0/255.0.0.0 ::1/128
### </Directory>
############################
# WebDav Extension
############################
Include /etc/nas/apache2/auth/alias.inc
Include /etc/nas/apache2/auth/require.inc
#############################
</VirtualHost>
Simply change it to
# comment this line if remote WebUI access is needed (WAN access)
# Include /tmp/allow.conf