Disable remote cgi access
kcj.cups.umich
kcj.cups at umich.edu
Wed Dec 12 06:27:35 PST 2007
> kcj.cups.umich wrote:
> > Hello,
> >
> > I'm trying to set up CUPS to allow remote printing, but disable remote access to the cgi management pages. Currently running CUPS 1.3.4.
> >
> > I've attempted to restrict using the Location tag.
> >
> > <Location /admin>
> > Order Allow,Deny
> > Allow From 127.0.0.1
> > </Location>
> >
> > This works for /admin, but when I apply it to /printers, remote ipp printing/queries break. I presume this is because the client is trying to access a resource located in /printers. Is there a way to restrict remote access to the cgi's while enabling access to remotely print/execute ipp queries? I would like to continue to be able to use the print management web pages from the localhost.
> >
> >
>
> Look into the Policies stuff to set up fine grained
> access restrictions.
>
> Helge
>
I've tried this, but in the logs the ipp requests generated by the cgi's come in as being from 'localhost.' This doesn't help as I'd like to have access from localhost. In addition, none of the policies (that I've found) seem to have anything to do with blocking access to the actual cgi web pages. It appears that the Policy section is all about messing w/ ipp request permissions only, which is the only thing I want to allow. Thanks for the suggestion though.
-Kevin
More information about the cups
mailing list