192.168.1.x/RECORDINGS PASSWORD?

General and Support topics relating to ViciDialNow and GoAutoDial ISO installers

Moderators: enjay, williamconley, Op3r, Staydog, gardo, mflorell, MJCoate, mcargile, Kumba, s0lid

192.168.1.x/RECORDINGS PASSWORD?

Postby enavaro » Sat Dec 05, 2009 3:52 am

Hello,

I configured my Vicidialnow CE 1.3 server box with virtual LAN, namely it has two IP addresses, one is private and the other one is public. The reason for this is to pull out recordings even im not in my center.

Now my concern is How can I put password on it?

192.168.1.x/RECORDINGS
202.xxx.xxx.xxx/RECORDINGS

For security purposes.

Thanks
enavaro
 
Posts: 43
Joined: Tue Aug 25, 2009 1:56 pm
Location: Philippines

thanks

Postby brett05 » Sat Dec 05, 2009 7:54 am

this is found in you apache config
you can limit the use of your recording to just one computer from his ip .
for exemple here :
in /etc/apache2/sites-available/default :
Alias /RECORDINGS/ "/var/spool/asterisk/monitorDONE/"
<Directory "/var/spool/asterisk/monitorDONE">
Options Indexes MultiViews
AllowOverride None
Order allow,deny
Allow from all
<files *.mp3>
Forcetype application/forcedownload
</files>
</Directory>

as this you will allow computer to have recording but if you want to deny all computer so you will do this:
Alias /RECORDINGS/ "/var/spool/asterisk/monitorDONE/"
<Directory "/var/spool/asterisk/monitorDONE">
Options Indexes MultiViews
AllowOverride None
Order allow,deny
Deny from all
<files *.mp3>
Forcetype application/forcedownload
</files>
</Directory>

other solution is block access from A network/netmask pair:
exemple:
Alias /RECORDINGS/ "/var/spool/asterisk/monitorDONE/"
<Directory "/var/spool/asterisk/monitorDONE">
Options Indexes MultiViews
AllowOverride None
Order allow,deny
Allow from 10.1.0.0/255.255.0.0
<files *.mp3>
Forcetype application/forcedownload
</files>
</Directory>

other solution is from A full IP address:
Alias /RECORDINGS/ "/var/spool/asterisk/monitorDONE/"
<Directory "/var/spool/asterisk/monitorDONE">
Options Indexes MultiViews
AllowOverride None
Order allow,deny
Deny from 10.1.2.10
<files *.mp3>
Forcetype application/forcedownload
</files>
</Directory>

other solution is from A (partial) domain-name:
Alias /RECORDINGS/ "/var/spool/asterisk/monitorDONE/"
<Directory "/var/spool/asterisk/monitorDONE">
Options Indexes MultiViews
AllowOverride None
Order allow,deny
Deny from domainname.org
<files *.mp3>
Forcetype application/forcedownload
</files>
</Directory>

and they are more other solution if you like just try to understand more apache mods access or try htacess config
finally as you see here we have use <files *.mp3> so try to change your recording format in crontab script.
and reboot apache.
/sbin/service httpd restart
and to use folder recording with password access try to use this:
<Directory "/var/spool/asterisk/monitorDONE">
Options Indexes MultiViews
AllowOverride All
Order allow,deny
Allow from all
AccessFileName .htaccess
<files *.mp3>
Forcetype application/forcedownload
</files>
</Directory>

then :
create a htaccess file:
vim /var/spool/asterisk/monitorDONE/.htaccess
and put this:
AuthName foldername
AuthUserFile /password/.htpasswd
AuthType Basic
<limit GET POST>

mkdir /var/spool/asterisk/monitorDONE/password
vim /var/spool/asterisk/monitorDONE/password/.htpasswd
and put this as exemple:
admin:password
brak:hJ74qxcNjdmpOijdgD

reboot apache
maybe this will help you enjoy.
Jasperreports & Queuemetrics & SugarCRM integration - Customization and Add-ons
Freepbx||Billing||Centos||Opensuse||Debian||Centos||Fedora||Sangoma||Diguim
brett05
 
Posts: 571
Joined: Sun May 24, 2009 5:48 pm
Location: tunisia

Postby enavaro » Sat Dec 05, 2009 9:05 am

Wow! I never thought of that. Very impressive! Can we make this sticky?
Lots of people out there like me need to know all these things. Especially with regards to security.

1000x thanks to you brett05!!!
VicidialNow CE 1.3
Version: 2.0.5-174
Build: 90522-0506
Asterisk 1.2.30.2
enavaro
 
Posts: 43
Joined: Tue Aug 25, 2009 1:56 pm
Location: Philippines

thanks

Postby brett05 » Sat Dec 05, 2009 10:08 am

:wink:
they are many way to make vicidial more security.
you can also separate your recording in folder with the name in each compaign.
try also to read the update install of ubuntu in the down page of it thez are some bug of security you can fix them.
i have do this install to make vicidial more powerfull .
for this time i have do it in ubuntu and soon i will add it to opensuse and federa with single box and muliserver.
http://www.vicidial.org/VICIDIALwiki/ti ... ntuInstall
Jasperreports & Queuemetrics & SugarCRM integration - Customization and Add-ons
Freepbx||Billing||Centos||Opensuse||Debian||Centos||Fedora||Sangoma||Diguim
brett05
 
Posts: 571
Joined: Sun May 24, 2009 5:48 pm
Location: tunisia

Postby okli » Sat Dec 05, 2009 2:21 pm

Have a look at this topic as well:
http://www.vicidial.org/VICIDIALforum/v ... recordings

We've been using AutoIndex for over an year without any issue and having a search option, statistic, several user levels etc. is much more convenient when having tons of recordings and several people using it.
okli
 
Posts: 671
Joined: Mon Oct 01, 2007 5:09 pm

thanks

Postby brett05 » Sat Dec 05, 2009 3:36 pm

this is not a good idea to put a php file explorer with a shortcut to www path.
with this you will make it public for all person.
also you need to search each recording in each time.
Jasperreports & Queuemetrics & SugarCRM integration - Customization and Add-ons
Freepbx||Billing||Centos||Opensuse||Debian||Centos||Fedora||Sangoma||Diguim
brett05
 
Posts: 571
Joined: Sun May 24, 2009 5:48 pm
Location: tunisia

Postby okli » Sat Dec 05, 2009 3:39 pm

You restrict access the same way as if you were using alias, plus you have passwords, which you can manage from web browser, rather that editing htaccess file.
also you need to search each recording in each time.
Didin't quite get this, why I need to search? I can get to recording without searching, can simply open the relevant directory and click on the recording, why would I must search for it? Search is a bonus.
okli
 
Posts: 671
Joined: Mon Oct 01, 2007 5:09 pm

Postby gardo » Mon Dec 07, 2009 9:48 am

Sticky it is!

enavaro wrote:Wow! I never thought of that. Very impressive! Can we make this sticky?
Lots of people out there like me need to know all these things. Especially with regards to security.

1000x thanks to you brett05!!!
http://goautodial.com
Empowering the next generation contact centers
gardo
 
Posts: 1926
Joined: Fri Sep 15, 2006 10:24 am
Location: Manila, 1004

Postby gmcust3 » Fri Feb 26, 2010 4:38 am

When I try below url, I get :

Forbidden

You don't have permission to access /RECORDINGS/20100226-141130_1415876919-all.wav on this server.

But when I try , I can browse the folder :

http://122.160.239.178/RECORDINGS/

Code: Select all

1) I have created sym link under HTML folder as RECORDINGS.

2) Under astguiclient, I have entry for :

# astguiclient.conf - configuration elements for the astguiclient package
# this is the astguiclient configuration file
# all comments will be lost if you run install.pl again

# Paths used by astGUIclient
PATHDONEmonitor => /var/spool/asterisk/monitorDONE
PATHDONEmonitor => /var/www/html/RECORDINGS

# The IP address of this machine
VARserver_ip => 192.165.1.250

3)

<Directory "/var/spool/asterisk/monitorDONE">
Order Deny,Allow
Deny from all
Allow from 127.0.0.1 192.168
Options Indexes FollowSymLinks

</Directory>

Alias /RECORDINGS /var/spool/asterisk/monitorDONE
Alias /recordings /var/spool/asterisk/monitorDONE

GoAutoDial CE
VERSION: 2.4-309a
BUILD: 110430-1642
No other software installed on the box.
I've read the manager manual.
gmcust3
 
Posts: 1148
Joined: Sat Oct 24, 2009 1:15 pm

Re: 192.168.1.x/RECORDINGS PASSWORD?

Postby ctc_olsen » Mon Jan 07, 2013 11:14 am

Looks like you have NAT set up. Go to whatismyip.com. What is your IP? Put it in the config. Also try putting Deny from all first after allow all. Just like this.

Code: Select all
<Directory "/var/spool/asterisk/monitorDONE">
Order Deny,Allow
Allow from 127.0.0.1 192.168 IP.IP.IP.IP <== [b]IP shown in whatismyip.com[/b]
Deny from all
Options Indexes FollowSymLinks

</Directory>

Alias /RECORDINGS /var/spool/asterisk/monitorDONE
Alias /recordings /var/spool/asterisk/monitorDONE
VERSION: 2.4-309a BUILD: 110430-1642 (Upgrade from CE 2.0,ISO) | Asterisk 1.4.27.1-1 | VmWare vCenter Server Ver 4.1.0| No additional software | No Digium/Sangoma Hardware
ctc_olsen
 
Posts: 65
Joined: Tue Jul 24, 2012 7:34 am

Re: 192.168.1.x/RECORDINGS PASSWORD?

Postby williamconley » Sat Feb 16, 2013 6:05 pm

apache configurations for many distros of GoAuto have the recordings folder locked. You will find other references to this posted by gardo and others, but I believe it is covered in his Wiki (how to access recordings ...).
Vicidial Installation and Repair, plus Hosting and Colocation
Newest Product: Vicidial Agent Only Beep - Beta
http://www.PoundTeam.com # 352-269-0000 # +44(203) 769-2294
williamconley
 
Posts: 20252
Joined: Wed Oct 31, 2007 4:17 pm
Location: Davenport, FL (By Disney!)

Re: 192.168.1.x/RECORDINGS PASSWORD?

Postby richardroi » Thu Aug 08, 2013 6:24 am

We followed the steps of brett05 but we are having errors:
/usr/bin/sox FAIL formats: can't determine type of file `/var/spool/asterisk/monitorDONE/password'
/usr/bin/sox FAIL formats: no handler for file extension `htaccess'

can anyone share some light?

Thank you.
ViciBox v.5.0.2-130807 | BUILD: 130809-1410 | SVN Version: 2019 | Asterisk: 1.8.23-vici
64bit Single Server/ ISO Preload Install
Inbound/Blended
richardroi
 
Posts: 373
Joined: Mon Mar 21, 2011 7:20 pm

Re: 192.168.1.x/RECORDINGS PASSWORD?

Postby richardroi » Thu Aug 08, 2013 7:34 am

It is erasing the entries I made on /var/spool/asterisk/monitorDONE.
Kindly help.
ViciBox v.5.0.2-130807 | BUILD: 130809-1410 | SVN Version: 2019 | Asterisk: 1.8.23-vici
64bit Single Server/ ISO Preload Install
Inbound/Blended
richardroi
 
Posts: 373
Joined: Mon Mar 21, 2011 7:20 pm

Re: 192.168.1.x/RECORDINGS PASSWORD?

Postby williamconley » Sat Feb 15, 2014 10:52 am

"the entries" is a bit vague

but based on your prior post it appears you are trying to create a password file in that recording folder. probably not the best way to go.

i would recommend creating the password file in a folder in the /etc/apache2/ folder (or any other configuration area) as opposed to a folder for recordings. Of course your distro could also call the apache2 folder httpd or something else, the point is to create this configuration file in a configuration file area (/etc/) instead of in a recording file area (/var/spool/asterisk/monitorDONE ...) which is being constantly monitored and manipulated by a perl script tasked with converting and moving recordings OUT of that folder.
Vicidial Installation and Repair, plus Hosting and Colocation
Newest Product: Vicidial Agent Only Beep - Beta
http://www.PoundTeam.com # 352-269-0000 # +44(203) 769-2294
williamconley
 
Posts: 20252
Joined: Wed Oct 31, 2007 4:17 pm
Location: Davenport, FL (By Disney!)


Return to ViciDialNow - GoAutoDial

Who is online

Users browsing this forum: Google [Bot] and 22 guests