[web2py] Re: Security Problem: appadmin is accessible without any authentication

2014-07-01 Thread Anthony
Even in that case, you would still have to be logged into admin for access.

On Tuesday, July 1, 2014 7:33:12 PM UTC-4, nick name wrote:
> By any chance, do any of you connect to a local vpn/proxy running on the server that relays the connection, rather than directly? (through openvpn, ssh

[web2py] Re: Security Problem: appadmin is accessible without any authentication

2014-07-01 Thread nick name
By any chance, do any of you connect to a local vpn/proxy running on the server that relays the connection, rather than directly? (through openvpn, sshuttle, ssh tunnels, nginx, socks or anything of the sort?) If you do, then it is possible that the connection arrives at the app from 127.0.0.1

[web2py] Re: Security Problem: appadmin is accessible without any authentication

2014-07-01 Thread Massimo Di Pierro
This should not be possible but of course it deserves investigation. What web server do you use? Are you behind any kind of proxy or load balancer? Those friends who were able to access it, did they ever log in to admin? Can you diff your appadmin.py vs the latest welcome/controllers/appadmin? Wh

[web2py] Re: Security Problem: appadmin is accessible without any authentication

2014-07-01 Thread Niphlod
all the "protection" logic is in the first 70 lines of the appadmin controller.

On Tuesday, July 1, 2014 8:43:56 AM UTC+2, Detlev Bielz wrote:
> Hello,
>
> we, a small company, are using web2py for some web services with a couple of different apps we developed ourselves.
> Recently, a colle