通过访问该WSGI的web2py管理界面 [英] accessing the web2py admin interface via wsgi

问题描述

借助的web2py书状态

管理界面，管理员，是从本地主机才可访问
  除非你运行web2py的身后跟Apache的mod_proxy。如果管理员检测
  代理，会话cookie设置为安全和管理登录不
  工作，除非客户端与代理之间的通信都要
  通过HTTPS;这是一种安全措施。在之间的所有通信
  客户端和管理必须是本地或加密;否则
  攻击者能够执行一个人在中间的攻击或
  重放攻击，并在服务器上执行任意code。

The administrative interface, admin, is only accessible from localhost unless you run web2py behind Apache with mod_proxy. If admin detects a proxy, the session cookie is set to secure and admin login does not work unless the communication between the client and the proxy goes over HTTPS; this is a security measure. All communications between the client and admin must always be local or encrypted; otherwise an attacker would be able to perform a man-in-the middle attack or a replay attack and execute arbitrary code on the server.

不过，我想知道，如果这意味着使用的web2py通过WSGI意味着我将无法得到管理界面远程操作。

However, I'm wondering if this means that using web2py via WSGI means I wont be able to get to the admin interface remotely.

推荐答案

下面是你会看到什么，如果你试图通过HTTP访问管理界面：

Here's what you'll see if you try to access the administrative interface over HTTP:

Forbidden

You don't have permission to access /admin/default/index on this server.

Apache/2.2.22 (Ubuntu) Server at yourserver.com Port 80

只需使用HTTPS远程访问管理界面导航到同一个页面。

Just navigate to same page using HTTPS to access the administrative interface remotely.

https://yourserver.com/admin/default/index

这篇关于通过访问该WSGI的web2py管理界面的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！