[Koha] Https and restricting IP access

Chad Roseburg croseburg at ncrl.org
Wed Mar 16 10:51:00 NZDT 2016 

Thanks Chris! I think we're going to add a second interface to the server
and limit access to the staff client that way. We did want to avoid the
Apache rules and I think that does it.

I think you're right about https and 3rd party services. My worry stems a
comment on this list a while ago, but I think most if not all ours should
have https available.
Another library confirmed that Syndetics does.

Thanks again!

On Tue, Mar 15, 2016 at 1:00 PM, Chris Cormack <chrisc at catalyst.net.nz>
wrote:

> * Chad Roseburg (croseburg at ncrl.org) wrote:
> > We would like to secure our Koha installation and would like to know what
> > you've done and your experiences.
> >
> > We use some 3rd party tools like Syndetics, Overdrive ...etc. How does
> > https impact the use of these tools? Were you able to find a workaround?
>
> All of our hosted clients are on https. So far there are no issues with any
> of the 3rd party tools. What you may run into is mixed content warnings if
> any of hte content you fetch is from none https sites.
>
> >
> > We'd like to restrict IP access at the network level -- not using Koha.
> If
> > you've done this, how did you accomplish this? We are using different
> > hostnames for OPAC and Staff Client rather than ports 80 and 8080 so can
> > not make policies based on ports.
> >
>
> Restricting access to the staff client? You can't really do that at the
> network
> level if they are the same IP and same Port.
>
> Easiest way is to have the staff client on a different IP number.
>
> Otherwise just using Apache Deny and Allow rules will block them pretty
> easily
>
> Chris
>
>
> > Thank you!
> >
> >
> > --
> > Chad Roseburg
> > Asst. Director / IT
> > Automation Dept.
> > North Central Regional Library
> > _______________________________________________
> > Koha mailing list  http://koha-community.org
> > Koha at lists.katipo.co.nz
> > https://lists.katipo.co.nz/mailman/listinfo/koha
>
> --
> Chris Cormack
> Catalyst IT Ltd.
> +64 4 803 2238
> PO Box 11-053, Manners St, Wellington 6142, New Zealand
>



-- 
Chad Roseburg
Asst. Director / IT
Automation Dept.
North Central Regional Library

More information about the Koha mailing list