Tighten SAC Login procedure

[charon]

Hi,

I'm getting more and more log-in failures and would like to increase security for the sxadmin user (SAC).
Is it possible to add an additional htaccess login before the /SAC ?
I could not find the IP Address of the failed login in the old audit.logs because they are only stored one week!?
How do you guys solve this issue?

charon

[ls-al]

As this an interesting task I spent some minutes to try it by myself.
Example solution for CentOS5.5:

Code: Select all

[root@master ~]# cd /etc/opt/scalix-tomcat/connector/ajp/
[root@master ajp]# htpasswd -c htaccess.sac admin
New password:
Re-type new password:
Adding password for user admin
[root@master ajp]# vi app-master.sac.conf
[root@master ajp]# cat app-master.sac.conf
ProxyPass /sac  ajp://master.scalixtraining.com:8009/sac
<Location /sac>
    AuthType Basic
    AuthName "Restricted"
    AuthUserFile /etc/opt/scalix-tomcat/connector/ajp/htaccess.sac
    Require valid-user
    AuthBasicProvider file
</Location>
[root@master ajp]# /etc/init.d/httpd restart
Stopping httpd:                                            [  OK  ]
Starting httpd:


I had to provide the credential I have created with the htpasswd tool.

Failed logins will rather be logged in the scalix-caa.log.
Weekly rotation of the audit log is usually done by "sxmaint -daily". If you want to keep them for a longer time you can use your own script to do the rotation.

[charon]

it really works like a charm.
i just missed your answer.
really good work!