Mr. Chenevert Posted January 26, 2013 Report Share Posted January 26, 2013 Since the secret for each folder is displayed on the web gui, anyone who can access my website could download all of my files. I realize I can lock down the web gui, but it would be nice if there was a way to 'delete' the key from being shown ever again once the pairing was created. Quote Link to comment Share on other sites More sharing options...
Xarilaos Posted January 29, 2013 Report Share Posted January 29, 2013 How did you lock the web UI? Quote Link to comment Share on other sites More sharing options...
mosch Posted January 29, 2013 Report Share Posted January 29, 2013 I think you can lock down any web UI by using a Webserver like Lighttpd or Apache as Proxy. Than you are able add authentication via the webserver. Quote Link to comment Share on other sites More sharing options...
Xarilaos Posted January 30, 2013 Report Share Posted January 30, 2013 Ok thanks... Quote Link to comment Share on other sites More sharing options...
upcboy Posted February 1, 2013 Report Share Posted February 1, 2013 Can you explain how you did this? I already have a secure websever(apachee) but i'm not sure how to proceded to put this behind that "wall" Quote Link to comment Share on other sites More sharing options...
Mr. Chenevert Posted February 1, 2013 Author Report Share Posted February 1, 2013 http://weavervsworld.com/docs/other/passprotect.htmlHowever I would not recommend using this method. The password you create will likely not be as secure as the secret generated by appsync. Therefore, you are putting your data at risk. Quote Link to comment Share on other sites More sharing options...
upcboy Posted February 1, 2013 Report Share Posted February 1, 2013 I understand how to set up a password protected. My issue is this is not running off the apache webserver. I'm lost as to what is hosting it. It seems to be "hosting" its self the port 8888 only shows Syncapp running on it. Quote Link to comment Share on other sites More sharing options...
TraceHagan Posted February 5, 2013 Report Share Posted February 5, 2013 I agree there needs to be a way to lock the web interface. My server is exposed to the Internet, so anyone would be able to copy my secrets and sync my files. Quote Link to comment Share on other sites More sharing options...
AdrianTM Posted April 5, 2013 Report Share Posted April 5, 2013 To lock the web UI you need to use sync.conf (create it with --dump-sample-config option) and change the username and password there. You also need to specify to load sync.conf with this command: SyncApp --config sync.conf Quote Link to comment Share on other sites More sharing options...
rdebath Posted April 8, 2013 Report Share Posted April 8, 2013 I realize I can lock down the web gui, but it would be nice if there was a way to 'delete' the key from being shown ever again once the pairing was created.The key is a shared secret for your secret share, it cannot be 'deleted' as such.You can disabled the web gui altogether; this is by far the best for a 'safe' installation.But ... hey KOS!Allowing the web gui to ONLY show the first page (without buttons) as a sort of 'public status' page sounds nice. Quote Link to comment Share on other sites More sharing options...
MRACHINI Posted April 8, 2013 Report Share Posted April 8, 2013 put this in a file and name it sync.conf:{"check_for_updates" : true,"webui" :{ //"listen" : "0.0.0.0:8888", "login" : "Username", "password" : "Password"},"shared_folders" :[]}Start SyncApp with this command:SyncApp --config sync.conf Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.