[Koha] Https and restricting IP access

Chris Cormack chrisc at catalyst.net.nz
Wed Mar 16 09:00:06 NZDT 2016


* Chad Roseburg (croseburg at ncrl.org) wrote:
> We would like to secure our Koha installation and would like to know what
> you've done and your experiences.
> 
> We use some 3rd party tools like Syndetics, Overdrive ...etc. How does
> https impact the use of these tools? Were you able to find a workaround?

All of our hosted clients are on https. So far there are no issues with any
of the 3rd party tools. What you may run into is mixed content warnings if 
any of hte content you fetch is from none https sites.

> 
> We'd like to restrict IP access at the network level -- not using Koha. If
> you've done this, how did you accomplish this? We are using different
> hostnames for OPAC and Staff Client rather than ports 80 and 8080 so can
> not make policies based on ports.
> 

Restricting access to the staff client? You can't really do that at the network
level if they are the same IP and same Port.

Easiest way is to have the staff client on a different IP number.

Otherwise just using Apache Deny and Allow rules will block them pretty
easily

Chris


> Thank you!
> 
> 
> -- 
> Chad Roseburg
> Asst. Director / IT
> Automation Dept.
> North Central Regional Library
> _______________________________________________
> Koha mailing list  http://koha-community.org
> Koha at lists.katipo.co.nz
> https://lists.katipo.co.nz/mailman/listinfo/koha

-- 
Chris Cormack
Catalyst IT Ltd.
+64 4 803 2238
PO Box 11-053, Manners St, Wellington 6142, New Zealand
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <https://lists.katipo.co.nz/pipermail/koha/attachments/20160316/9dd953fa/attachment-0001.sig>


More information about the Koha mailing list