Server protection setups

This chapter describes how to protect the data and files on your server by using protection setups. Protection setups are triggered based on the request that the server receives, specifically on the particular directory, file, or type of file that the request addresses. Within a protection setup, subdirectives control how access is granted or denied based on the characteristics of the directories or files being protected.

Using the Configuration and Administration forms to set protection

To define a protection setup and how it is applied, in the Configuration and Administration forms, select Server Configuration -> Document Protection. Use this form for the following steps:

  1. Set the order for this protection rule.

    Protection rules are applied in the order in which they are listed in the table on the configuration form. In general, rules are listed from specific to generic.

    Use the drop-down menu and buttons to specify the placement of a protection rule.

  2. Define a request template.

    Protection is activated based on request templates, which are compared to the content of requests that clients send to your proxy server.

    A request is the part of a full URL that follows your server host name. For example, if your server is named fine.feathers.com and a browser user enters the URL http://fine.feathers.com/waterfowl/schedule.html, your server receives the request /waterfowl/schedule.html. Request templates specify directory or file names, or both, that are subject to protection. For example, some requests that activate protection based on the request template just described (/waterfowl/schedule.html) include /waterfowl/* and /*schedule.html.

    Type the request template in the URL request template field.

  3. Define a protection setup.

    A protection setup tells Caching Proxy what to do with a request that matches a request template. You can use a named protection setup or define a new setup in the Document Protection form.

    To use a named setup, click the Named protection radio button and type the name in the field provided. To define a new setup, click the In-line radio button and follow the instructions provided (see Step 6).

  4. Choose a requester address (optional).

    Different rules can be applied to requests from different server addresses. For example, you might want to apply a different protection setup to requests for log files when those requests are received from IP addresses assigned to your company.

    Note:
    For requester addresses to be screened, DNS lookup must be enabled. See DNS-Lookup -- Specify whether the server looks up client host names.

    If you want to include the address of the requester in the rule, type it in the Server IP address or host name field.

  5. Click Submit.

    If you have used a named protection setup, no further input is required. If you have selected an in-line protection setup or specified a named setup that does not exist, the system opens additional forms.

  6. Set protection details.

    If you did not specify an existing named protection setup, an additional form opens, on which you can specify which users can access the documents or directories matching the request template, and which actions those users are allowed.

  7. Click Submit.
  8. Restart the server.

Using configuration file directives to set protection

To set protection by directly editing Caching Proxy's configuration file, you must first understand the following issues:

Default protection settings

The default proxy configuration file includes a protection setup that requires an administrator ID and password in order to access files in the /admin-bin/ directory. This setting restricts access to the Configuration and Administration forms.