passwd-fop

tshif

Guru
Joined
Jan 3, 2008
Messages
1,240
Reaction score
4
Please - a script to change the password to FOP - so that end users may gain access. There are other threads here than suggest that I should run passwd-webmin, but that doesn't really do anything for this icon.

Could we have a passwd-FOP script that will affect getting to the FOP ONLY from the user menu - not from when accessed from inside FreePBX? Its a bit unproductive to be prompted for passwords inside FreePBX all the time, right? :rolleyes:

Also, what does passwd-webmin actually affect? I run it, and even rebooted my machine, and can't quite figure out what it changed.
 

jroper

Guru
Joined
Oct 20, 2007
Messages
3,832
Reaction score
71
Hi

The system does work as you describe.

passwd-amp controls access to the FOP. log on with wwwadmin and your chosen password set with passwd-amp. It is set to password by default.

Once in FOP, you will be prompted for a password when you interact with it. The default is passw0rd.

Unfortunately, you will still have to enter the password when access the FOP from FreePBX.

Maint username will also give you access to FOP, but it also gives access to a lot of other stuff in the maint directory which is undesirable ro all allow your users there, so keep that pw to yourself.

passwd-webmin, as the name suggests sets the password for the webmin interface on port 9001.

Joe
 

tshif

Guru
Joined
Jan 3, 2008
Messages
1,240
Reaction score
4
OK - so passwd-amp control access to FOP. Maybe we should change the name to passwd-fop? LOL.
When I use passwd-amp, it also seems to add itself to the valid list for the web meetme icon as well. Is this as expected?

I can live with having to reenter the password when im inside freePBX :wink5:

About interacting with FOP. I knew of, and have tried the default passw0rd. (O being ZERO), and it wont let me in. It just keeps popping up the security code box. I cant remeber where to change this (I have done it beofreon other systems), but what confuses me is that the default password is not working. Does anyone else have that issue?
 

jroper

Guru
Joined
Oct 20, 2007
Messages
3,832
Reaction score
71
Hi

There is a hierarchy of .htaccess

Maint gets you everywhere
wwwadmin gets you to places that only users should go (Webmeetme / FOP)
meetme just gets you to web meetme.

But you knew this already as you have studied the instructions, haven't you?

2 minutes on google would have taken you to /var/www/html/panel/op_server.cfg where you would have found this comment: -


; NOTE
;
; In this config file, the following entries will be IGNORED, in
; favour of the values set in /etc/amportal.conf (but do not
; comment them !):

You can alter the htaccess rules as to access in /etc/pbx/httpdconf/pbx.conf

Joe
 

tshif

Guru
Joined
Jan 3, 2008
Messages
1,240
Reaction score
4
Google, whats that?

Thanks for all your help so far!

.htaccess is clearly a topic i need to study. A lifetime of windows web servers has not prepared me for this manner of access control. Thats on my short list of things I will be studying to better understand. Can anyone recommend a concise resource as both accurate and applicable? (Yes, I will google for some, but I'm asking for expertise here, not librarian services. LOL. :lol:)

Surprisingly, the instructions are not all that helpful in many cases, unless you already know stuff I don't yet know. I have always found it very helpful to study what others do and how they do it and then explore the hows and whys. So many of the scripts here cant be reviewed easily that it discourages somewhat this type of study.

With regard to your 2 minutes on google on my behalf - I should have been more clear. While I stated that at that moment I could not recall where to make the change, the point of my sentence was near the end where I said "what confuses me is that the default password is not working. Does anyone else have that issue?". You didn't exactly address that. What I found while making the edit, to anyone else that might be curious, is that the FOP security password seems to have been set to the same value as my console root password. (I have to admit to being confused about the various passwd-xxx scripts, so I may have somehow changed this via script and not known it.) I hope you now better understand the goal of my questions.

All of you Gurus, and authors - can not be thanked enough for your tireless efforts. I cant play at that level - but I peer host the PBXIAF torrent - so im doing a little something to give back. Again - Thanks!

Tony
 

wardmundy

Nerd Uno
Joined
Oct 12, 2007
Messages
19,170
Reaction score
5,199
... and we really appreciate the torrent support. Thanks!!! :smile5:
 

jroper

Guru
Joined
Oct 20, 2007
Messages
3,832
Reaction score
71
Hi

I've just done a fresh install, and passw0rd works for me, so I sorry I cannot be any more help on that one.

The best place to start with .htaccess documentation is from the horses mouth.

http://httpd.apache.org/docs/2.2/

If you can make any suggestions or comments about the documentation, and where it may fail the reader, then by all means put in some suggestions, and we will consider them for addition.

Yours

Joe
 

stuck

Member
Joined
Nov 8, 2007
Messages
238
Reaction score
1
after setting the password for wwwadmin different from maint, it still allows the user to access the FreePBX (I only want it to access FOP).
I've also changed pbx.conf file to look like this

#Password proctect /var/www/html/admin
<Directory /var/www/html/admin>
AuthType Basic
AuthName "Restricted Admin Area"
AuthUserFile /usr/local/apache/passwd/wwwpasswd
Require user maint
</Directory>

#Password protect /var/www/html/panel
<Directory /var/www/html/panel>
AuthType Basic
AuthName "Restricted Area"
AuthUserFile /usr/local/apache/passwd/wwwpasswd
Require user wwwadmin maint
</Directory>

#Password protect /var/www/html/maint
<Directory /var/www/html/maint>
AuthType Basic
AuthName "Restricted Area"
AuthUserFile /usr/local/apache/passwd/wwwpasswd
Require user maint
</Directory>


#Password protect /var/www/html/meetme
<Directory /var/www/html/meetme>
AuthType Basic
AuthName "Restricted Area"
AuthUserFile /usr/local/apache/passwd/wwwpasswd
Require user wwwadmin maint meetme
</Directory>

Is there another way to restrict the wwwadmin user/password to access only the panel and not the entire freepbx?
 

jroper

Guru
Joined
Oct 20, 2007
Messages
3,832
Reaction score
71
Hi

This would all depend on how you have altered FreePBX.

If you have it in auth DB mode (check amportal.conf) which is standard, then access to FreePBX is controlled by the freePBX database, which is my prefered method, because users can be created with different ACL access.

However, the password-master script offers .htaccess access to freepbx, which means one username (wwwadmin or maint) gets you everywhere in FreePBX.

next, we have some .htaccess for the maint directory, containing configedit, sysinfo, phpmyadmin which cannot be protected under DB auth in FreePBX. Additionally the FOP Panel, and Webmeetme is covered by more .htaccess.

So maint gets you everywhere, including the maint directory, except FreePBX which is covered by db auth

wwwadmin gets you into FOP and Meetme

meetme gets you into web meetme

I trust that this clarifies.

In respect of your problem, can you confirm that you have restarted httpd (httpd -k restart)

Joe
 

Members online

Forum statistics

Threads
25,782
Messages
167,513
Members
19,203
Latest member
frapu
Get 3CX - Absolutely Free!

Link up your team and customers Phone System Live Chat Video Conferencing

Hosted or Self-managed. Up to 10 users free forever. No credit card. Try risk free.

3CX
A 3CX Account with that email already exists. You will be redirected to the Customer Portal to sign in or reset your password if you've forgotten it.
Top