Public WUI ?
Leif Ryge
leif at synthesize.us
Thu Jun 5 10:33:31 UTC 2014
Tahoe doesn't support access controls for its WUI, so anyone with access to the
WUI can use it to upload files. As such, it only listens on localhost by
default. You can easily make it listen on other interfaces by changing the
web.port in your tahoe.cfg.
The best current solution (afaik) for preventing uploads while running a
public-facing WUI is to use an http proxy to limit which WUI resourcs are
accessible. The LAFS Restrictive Proxy Gateway (lafs-rpg) automates the
configuration of nginx for this purpose:
https://bitbucket.org/nejucomo/lafs-rpg
~leif
On Thu, Jun 05, 2014 at 09:59:08AM +0000, David Stainton wrote:
> Hi!
>
> If I understand correctly, then your question might be rephrased as:
> How do I access a TCP service on localhost from outside of my NAT device?
>
> I suggest investigating ssh port forwarding. (i don't think the
> question or answer are specific to tahoe... but maybe someone else on
> the list knows something i don't?)
>
> Cheers,
>
> David
>
> On Thu, Jun 5, 2014 at 9:09 AM, Ed Kapitein <ed at kapitein.org> wrote:
> > Hi,
> >
> > Is there a way to see how my servers at home look from "the internet"
> > I have a NAT setup with port forwarding and would like to use a "public"
> > WUI to check that things work the way i expect it to work.
> > ( instead of using http://localhost:3456 )
> >
> > Kind regards,
> >
> > Ed
> >
> >
> >
> >
> > _______________________________________________
> > tahoe-dev mailing list
> > tahoe-dev at tahoe-lafs.org
> > https://tahoe-lafs.org/cgi-bin/mailman/listinfo/tahoe-dev
> _______________________________________________
> tahoe-dev mailing list
> tahoe-dev at tahoe-lafs.org
> https://tahoe-lafs.org/cgi-bin/mailman/listinfo/tahoe-dev
More information about the tahoe-dev
mailing list