httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Gulkamal Singh <lund.singh.1...@gmail.com>
Subject [users@httpd] Discussion about possible new feature for Apache HTTP Server
Date Mon, 30 Jun 2014 12:23:37 GMT
Lets say that I have a domain hosting a public facing website (
www.mywebsite.com).  Now lets say that -

1) Security is not a big thing.
2) To save money, I want to host the admin interface on the same domain (
www.mywebsite.com/admin).
3) The admin interface requires login but never the less I do not want the
public to be even aware of the location of the admin interface.
4) But there is a chance that someone might type in www.mywebsite.com/admin
by guessing and discover that there is an admin user interface there.
5) I dont want to use complicated IP blocking to block access to the admin
interface - I want to be able to login from any machine.  I also dont want
to go down the expensive certificate route.

In this case, the following will be useful -

1) A browser that has a simple interface from where I can map a key to a
url.  When I make a request to my admin URL, it sends this key in the
header, get or post.
2) A server which shows a 404 unless the key is present in the header, get
or post.

This is fairly a simple feature and I feel that if browsers and servers
implement this, it could become popular.  Could people please give me
thoughts on this, if there might be benefits to this, and if it would be
possible for apache http server to implement this?

Mime
View raw message