Admin is disabled because insecure channel
2,691 views
Skip to first unread message
Randell
Jul 26, 2009, 12:45:36 PM7/26/09
to web...@googlegroups.com
Hi guys,
I just found out that running web2py with -i 0.0.0.0 parameters gives the Admin is disabled because insecure channel error when accessing the admin. Is this an expected behavior? Why is it giving that error? How can I remove the error while still using the -i 0.0.0.0 parameters?
Thanks!
--
Randell Benavidez
http://randell.ph/
I just found out that running web2py with -i 0.0.0.0 parameters gives the Admin is disabled because insecure channel error when accessing the admin. Is this an expected behavior? Why is it giving that error? How can I remove the error while still using the -i 0.0.0.0 parameters?
Thanks!
--
Randell Benavidez
http://randell.ph/
Kuba Kucharski
Jul 26, 2009, 12:58:12 PM7/26/09
to web...@googlegroups.com
Are you trying to access admin through localhost ??
Out of curiosity, why is that you need so much 0.0.0.0 ?
please, run two instances of web2py
one like:
python web2py.py -i 127.0.0.1 -p 8001 -a "password"
second:
python web2py.py -i another_ip_of_yours -p your_port -a ""
then enter 127.0.0.1:8001 in your browser.
your apps will be visible through another_ip_of_yours:8001 but tickets
and admin only through 127.0.0.1 ..
this is the easiest way. do not be afraid to run as many instances of
web2py as you need..
--
Kuba
Randell
Jul 26, 2009, 1:09:35 PM7/26/09
to web...@googlegroups.com
On Mon, Jul 27, 2009 at 12:58 AM, Kuba Kucharski <kuba.ku...@gmail.com> wrote:
Are you trying to access admin through localhost ??
Yes.
Out of curiosity, why is that you need so much 0.0.0.0 ?
To make it accessible from another machine (of course, having a different IP address).
please, run two instances of web2py
one like:
python web2py.py -i 127.0.0.1 -p 8001 -a "password"
second:
python web2py.py -i another_ip_of_yours -p your_port -a ""
then enter 127.0.0.1:8001 in your browser.
your apps will be visible through another_ip_of_yours:8001 but tickets
and admin only through 127.0.0.1 ..
I will try this.
this is the easiest way. do not be afraid to run as many instances of
web2py as you need..
I'm actually new to web2py (and Python, actually) and I didn't know that I can run many instances of it. Thank you for the tip!
--
Kuba
--
http://randell.ph/
MikeEllis
Sep 22, 2009, 12:19:18 PM9/22/09
to web2py-users
I'm seeing more or less the same problem but I haven't managed to get
the 2-process solution to work yet. I'm trying to use the
recommendation in version 2 of the manual:
""" An easy way to setup a secure production environment on a server
is to first stop web2py and then remove all the parameters *.py files
from the web2py installation folder. Then start web2py without a
password. This will completely disable admin and appadmin. """
So I started web2py with the following command line on my (remote)
webserver:
python2.5 web2py.py -i my_server_ip -p 8000 -a "" &
So far so good. It started and gave the "no password, no admin
interface" message.
Then I followed the second part of the recipe:
"""Next, start a second Python instance accessible only from
localhost:"""
nohup python2.5 -p 8001 -i 127.0.0.1 -a '<ask>' &
Second instance started with no complaints, but trying to reach the
server from my laptop, e.g.
http://my_server_ip:8000/init
gives the "Admin is disabled because of insecure channel' ticket. Any
idea what I'm doing wrong?
Thanks,
Mike
On Jul 26, 1:09 pm, Randell <josephrandell.benavi...@gmail.com> wrote:
> On Mon, Jul 27, 2009 at 12:58 AM, Kuba Kucharski
> <kuba.kuchar...@gmail.com>wrote:
the 2-process solution to work yet. I'm trying to use the
recommendation in version 2 of the manual:
""" An easy way to setup a secure production environment on a server
is to first stop web2py and then remove all the parameters *.py files
from the web2py installation folder. Then start web2py without a
password. This will completely disable admin and appadmin. """
So I started web2py with the following command line on my (remote)
webserver:
python2.5 web2py.py -i my_server_ip -p 8000 -a "" &
So far so good. It started and gave the "no password, no admin
interface" message.
Then I followed the second part of the recipe:
"""Next, start a second Python instance accessible only from
localhost:"""
nohup python2.5 -p 8001 -i 127.0.0.1 -a '<ask>' &
Second instance started with no complaints, but trying to reach the
server from my laptop, e.g.
http://my_server_ip:8000/init
gives the "Admin is disabled because of insecure channel' ticket. Any
idea what I'm doing wrong?
Thanks,
Mike
On Jul 26, 1:09 pm, Randell <josephrandell.benavi...@gmail.com> wrote:
> On Mon, Jul 27, 2009 at 12:58 AM, Kuba Kucharski
Kuba Kucharski
Sep 22, 2009, 12:54:29 PM9/22/09
to web...@googlegroups.com
You should look for admin on 127.0.0.1:8001
You have configured it this way.
;)
On Sep 22, 2009 6:19 PM, "MikeEllis" <michael...@gmail.com> wrote:
I'm seeing more or less the same problem but I haven't managed to get
the 2-process solution to work yet. I'm trying to use the
recommendation in version 2 of the manual:
""" An easy way to setup a secure production environment on a server
is to first stop web2py and then remove all the parameters *.py files
from the web2py installation folder. Then start web2py without a
password. This will completely disable admin and appadmin. """
So I started web2py with the following command line on my (remote)
webserver:
python2.5 web2py.py -i my_server_ip -p 8000 -a "" &
So far so good. It started and gave the "no password, no admin
interface" message.
Then I followed the second part of the recipe:
"""Next, start a second Python instance accessible only from
localhost:"""
nohup python2.5 -p 8001 -i 127.0.0.1 -a '<ask>' &
Second instance started with no complaints, but trying to reach the
server from my laptop, e.g.
http://my_server_ip:8000/init
gives the "Admin is disabled because of insecure channel' ticket. Any
idea what I'm doing wrong?
Thanks,
Mike
On Jul 26, 1:09 pm, Randell <josephrandell.benavi...@gmail.com> wrote: > On Mon, Jul 27, 2009 at 12...
> <kuba.kuchar...@gmail.com>wrote:
> > > > > Are you trying to access admin through localhost ?? > > Yes. > > > > > Out of curiosity, w...
MikeEllis
Sep 22, 2009, 1:29:44 PM9/22/09
to web2py-users
The problem isn't getting to the admin interface. I didn't even get
that far. The ticket appears when I browse to the application URL.
On Sep 22, 12:54 pm, Kuba Kucharski <kuba.kuchar...@gmail.com> wrote:
> You should look for admin on 127.0.0.1:8001
> You have configured it this way.
>
> ;)
>
that far. The ticket appears when I browse to the application URL.
On Sep 22, 12:54 pm, Kuba Kucharski <kuba.kuchar...@gmail.com> wrote:
> You should look for admin on 127.0.0.1:8001
> You have configured it this way.
>
> ;)
>
Thadeus Burgess
Sep 22, 2009, 1:44:38 PM9/22/09
to web...@googlegroups.com
I use the glory of only the best distributed version control system (mercurial)!
On my server I have a subdomain that services mercurial through SSH.
I put my web2py application under version control
I created a .hgignore that ignores ^databases/ ^sessions/ ^cache/ and ^uploads/
I deleted the already included .hg folder and ran my own hg init, then ran
hg add .
hg commit -m "commit message"
hg push ssh://hg.thadeusb.com/root/path/to/hg/repo/
Yes, now I have a web2py application under client-server version control, named /home/thadeusb/Workspace/MyApp
Ok so now on my server, I have a directory named web2py_projects, in this folder I run
hg clone ssh://hg.thadeusb.com/root/path/to/hg/repo/
hg update
Now on the folder that serves my wsgihandler.py, I include the latestest stable web2py, and in the applications directory, includes a simlink named 'init' to my web2py_projects/MyApp. Effectively making it the default.
When I'm finished testing on my workstation, i push the changes, and then on the webserver I pull them.
The admin interface is completely disabled, and I only alter and change code from my workstation, while my server stays happy when a stable version of my site.
If I need an updated copy of the database, I just SFTP the databases folder over to my machine, so I can have a current copy of the data to test with.
This works really really well, and makes deploying updates so easy, and secure!
-Thadeus
On my server I have a subdomain that services mercurial through SSH.
I put my web2py application under version control
I created a .hgignore that ignores ^databases/ ^sessions/ ^cache/ and ^uploads/
I deleted the already included .hg folder and ran my own hg init, then ran
hg add .
hg commit -m "commit message"
hg push ssh://hg.thadeusb.com/root/path/to/hg/repo/
Yes, now I have a web2py application under client-server version control, named /home/thadeusb/Workspace/MyApp
Ok so now on my server, I have a directory named web2py_projects, in this folder I run
hg clone ssh://hg.thadeusb.com/root/path/to/hg/repo/
hg update
Now on the folder that serves my wsgihandler.py, I include the latestest stable web2py, and in the applications directory, includes a simlink named 'init' to my web2py_projects/MyApp. Effectively making it the default.
When I'm finished testing on my workstation, i push the changes, and then on the webserver I pull them.
The admin interface is completely disabled, and I only alter and change code from my workstation, while my server stays happy when a stable version of my site.
If I need an updated copy of the database, I just SFTP the databases folder over to my machine, so I can have a current copy of the data to test with.
This works really really well, and makes deploying updates so easy, and secure!
-Thadeus
Kuba Kucharski
Sep 22, 2009, 2:28:38 PM9/22/09
to web...@googlegroups.com
What do you get with http://myserverip:8000 ?
On Sep 22, 2009 7:30 PM, "MikeEllis" <michael...@gmail.com> wrote:
The problem isn't getting to the admin interface. I didn't even get
that far. The ticket appears when I browse to the application URL.
On Sep 22, 12:54 pm, Kuba Kucharski <kuba.kuchar...@gmail.com> wrote: > You should look for admin o...
> On Sep 22, 2009 6:19 PM, "MikeEllis" <michael.f.el...@gmail.com> wrote: > > I'm seeing more or les...
--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subs...
MikeEllis
Sep 22, 2009, 7:40:01 PM9/22/09
to web2py-users
Solved it. I needed to build python2.5 on my server with configure --
enable-sqlite3. The ticket was being raised because web2py raised an
error because sqlite3 was undefined. With admin access disabled, the
only feedback you get is the "Admin access has been disabled because
of an insecure channel."
Kuba, thanks for trying to help.
Mike
On Sep 22, 2:28 pm, Kuba Kucharski <kuba.kuchar...@gmail.com> wrote:
> What do you get withhttp://myserverip:8000?
enable-sqlite3. The ticket was being raised because web2py raised an
error because sqlite3 was undefined. With admin access disabled, the
only feedback you get is the "Admin access has been disabled because
of an insecure channel."
Kuba, thanks for trying to help.
Mike
On Sep 22, 2:28 pm, Kuba Kucharski <kuba.kuchar...@gmail.com> wrote:
> What do you get withhttp://myserverip:8000?
Reply all
Reply to author
Forward
0 new messages