[Koha] Questions on data security, liability and RFP issues
Michael Lake
mikel at speleonics.com.au
Sat Nov 6 16:36:43 NZDT 2004
Chris Cormack wrote:
> The security we have on koha, is that the librarian interface is behind
> password authentication, but you can disable this. What HLT does and other
> libraries we have worked with do, is not make the librarian interface
> available to the world. This can be done by restricting access to only
> certain ips, or only available on a lan.
Here is just one thing that you can do as an example.
Have a look at the file /etc/apache/koha-httpd.conf
Where you have:
# OPAC Interface
<VirtualHost mymachine:8000>
lots of settings ....
</VirtualHost>
# Intranet Interface
<VirtualHost mymachine:8080>
lots of settings ....
Allow From 123.456.789.4
</VirtualHost>
you can add an 'Allow from' directive to the web server to disallow
access to other than the ip address 123.456.789.4
Best though is to work through what you have with the Sys Admin that
runs the systems.
Mike
More information about the Koha
mailing list