[Mailman-Users] .htaccess protection of archives
Adam McGreggor
adam-mailman at amyl.org.uk
Tue Feb 9 17:49:55 CET 2010
On Mon, Feb 08, 2010 at 03:40:44PM +0000, Phil Ewels wrote:
> I'd like to protect my mailing list archives behind some .htaccess
> protection, but my mailman installation is a central one which serves a
> number of different websites.
>
> I was thinking I could get around this by using a script to automate a
> log in to the archives and then scraping the results back to my
> .htaccess protected folder.
How about setting the archive directory for each applicable list as it's own
<Directory> in a vhost config, I dunno, something like: (untested)
<VirtualHost *:443>
ServerName archives.lists.example.org
DocumentRoot /usr/local/mailman/archives/private/
Options -Indexes
<Directory /usr/local/mailman/archives/private/listname>
AuthType basic
AuthName "Private Archive"
AuthUserFile /path/to/htpasswd.file
Require valid-user
Options +Indexes
</Directory>
</VirtualHost>
or perhaps use a glob and AllowOverrides (assuming Apache as your
httpd), or something like one of the Match directives.
Just as an idea, in production, you'll possibly want to lock-down a
virtualhost like that a bit more.
> Alternatively, if anyone can think of another way to get the archives
> behind a .htaccess wall I'd be keen to hear!
Failing the hackish monstrosity above, you might find
https://secure.mysociety.org/cvstrac/dir?d=mysociety/lists/web-admin/lists
(and elsewhere in https://secure.mysociety.org/cvstrac/dir?d=mysociety/lists)
useful if you're a coder.
--
``If the media object to a judgment or sentencing decision,
we suggest they focus their efforts on persuading the
Government to rectify the legal and policy framework.''
(Lords' Select Committee on Constitution: Eleventh Report)
More information about the Mailman-Users
mailing list