[Mailman-Users] Secure the admin pages

Jim Tittsler jwt at onjapan.net
Fri Aug 19 06:00:26 CEST 2005

On 2005-08-18 23:14, Mike Hanby wrote:
> Howdy, does anyone know if it's possible to secure the admin pages with an
> .htaccess type security?
> Ex:  http://www.mydomain.com/mailman/admin/mailinglist
> Going to this page would pop up an Apache login prompt.  If successful, then
> the page would load where they would then have to log in using mailman's
> "List Administrator Password".

You could use a FilesMatch directive to restrict access to the cgi 
scripts you were interested in:

<FilesMatch (admin|admindb|create|edithtml|rmlist)>
   AuthName "Mailman"
   require valid-user

(Or a LocationMatch directive in your Apache configuration.)


P.S.  Your message might get more attention if you sent a new message 
to the mailing list rather than hijacking an existing thread (as you 
did by replying to a different message and simply changing the 
subject).  People that browse the list by thread might not see your 
message the way you have done it.

Jim Tittsler     http://www.OnJapan.net/      GPG: 0x01159DB6
Python Starship  http://Starship.Python.net/crew/jwt/
Mailman IRC      irc://irc.freenode.net/#mailman

More information about the Mailman-Users mailing list