New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Hiding OWA behind HTTP-AUTH #417
Comments
You probably want to reverse-proxy everything except the collector with basic http-auth. A nativ implementation would be (in my opinion) not useful for enough people. |
What would the stats collect in? the web server log file? It's possible that OWA's async tracking event processor could be modified to read/parse an a non-OWA log format. That's where i would start. Right now when you put OWA into async tracking mode, the PHP endpoint just writes the incoming tracking request data to an OWA events log file. OWA is then evoked on the command line to process that file(s). The events log file processor is well abstracted already so it's just an issue of writing a custom or configurable parser and putting in the proper config switches to tell OWA to use that instead of the default file processor. |
You can block access by IP-Address through .htaccess. I used this, to accomplish this:
|
I'm going ot close this as I'm not sure there's a feature here. If someone wants get more specific on an implementation change lets use a new issue to track that. |
It'd be nice if the main part of an external OWA installation could be "hidden" (or "protected") behind a simple HTTP-AUTH (just to let the web server take the first hit instead of PHP) but still allow for statistics collection.
Perhaps this is a web server configuration issue though (in my case, nginx), in which case the documentation wiki could be a good place to explain how to accomplish this.
The text was updated successfully, but these errors were encountered: