Try the fastest and simplest way to install ONLYOFFICE

Community Server Portal - How IP Security Works?

Community Server Portal - How IP Security Works?

Postby coisox » Fri Oct 05, 2018 3:39 am

I log as admin. Go to Setting > Security > Portal Access > IP Security.

Then I choose enable and put my laptop IPv4 Address and save. Then I open Chrome in incognito mode, type the portal URL, but the login screen is still there.

What should I expect from this setting? What I really want is when visitor go to my portal URL, they will only see blank page or maybe "Server is running". I want to hide all OnlyOffice logo, favicon, and title to avoid attack. Currently the portal is access through API.

If this setting is not what I wanted, where can I find the file to delete/hide/modify the login screen. I tried to open /var/www/onlyoffice/WebStudio/Auth.aspx but the content is not what I expected. It only say "This is a marker file generated by the precompilation tool, and should not be deleted!"
coisox
 
Posts: 13
Joined: Tue Jul 31, 2018 1:52 am

Re: Community Server Portal - How IP Security Works?

Postby Maxim » Fri Oct 05, 2018 9:17 am

Hello!
Please note that "The IP security does not work for portal owners, they can access the portal from any IP address."
I just checked and it works!
Maxim
 
Posts: 1747
Joined: Tue Oct 11, 2016 2:34 pm

Re: Community Server Portal - How IP Security Works?

Postby coisox » Sat Oct 06, 2018 1:28 am

Yeah I notice that statement but what exactly is that? How OnlyOffice know who is the owner without login? My friends visit the URL using his notebook, we are on the same network, and the login is visible on his notebook.

FYI, my friend has previously log into the portal using admin password. Does that means once a person log as admin, a cookies will be put into his browser and be defined as owner later on even without log in? How can I discard him as owner?
coisox
 
Posts: 13
Joined: Tue Jul 31, 2018 1:52 am


Return to Miscellaneous

Who is online

Users browsing this forum: No registered users and 1 guest