[Zope] Disabling anonymous webdav access

sean.upton@uniontrib.com sean.upton@uniontrib.com
Fri, 18 May 2001 09:45:33 -0700


The problem there is that WebDAV is a basic HTTP request over the standard
HTTP port; it would be all or nothing; a layer 7 filtering solution would be
needed.  A squid proxy with a redirector or a "layer 7 traffic shaper" like
an intel netstructure 7175 would likely be able to filter content if the
WebDAV request was an HTTP GET with a distinct URL...

Sean

-----Original Message-----
From: marc lindahl [mailto:marc@bowery.com]
Sent: Friday, May 18, 2001 9:32 AM
To: zope@zope.org
Subject: Re: [Zope] Disabling anonymous webdav access




> From: sean.upton@uniontrib.com
> 
> I ask because there might be a way to filter public access with a
> reverse-proxy to certain URLs (with, for example, a Squid redirector).
> Whether or not this kind of thing would work for certain types of WebDAV
> traffic, such as viewing folder contents, depends on the anatomy of a
WebDAV
> request...

You could easily limit the port to be accessed only by certain IP addresses
(ranges, other criterea) with xinetd (if you're on Linux)


_______________________________________________
Zope maillist  -  Zope@zope.org
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )