I've gotten web2py working on my webfaction account with admin using
an https site pointing to the webapp and changing the
parameters_xxx.py file to the port that the web app should be using.
So now I have a regular site and a https site pointing to the port
that the app uses. I don't think wf allows you to access your app via
different ports - only the provided one - wf sees your standard
request and routes it to the correct and only port.
Massimo gave me the impression that this was insecure via this reddit
comment.
***QUOTE***
One is the parameters_*.py file. This file is required to enable admin
and normally it is created automatically when running the built-in web
server. In a production environment it is not created because you
should not run admin off port 80. Admin would not work anyway because
requires https unless in use a proxy, in which case if you enable
admin by manually creating this file, you open your system to
vulnerability (like using telnet instead of ssh). The proper way to
handle this is:
sudo -u www-data python -c "from gluon.main import save_password;
save_password(raw_input('admin password: '),443)"
and use admin only over https (port 443). Feel free to join us on the
web2py mailing list.
***/QUOTE***
I can get a web2py install running by using ssh to get to my account,
download web2py, unzip it and then run it once setting the admin
password. I then kill the process and then use a script to launch
anyserver.py using a cherrypy server.
My ultimate question is - if https is less secure to my wf app - how
do I use ssh to get to the apps admin?
The slice at "http://www.web2pyslices.com/slices/take_slice/71"; has
been tried and it didn't work or I didn't do it correctly. How do I
use ssh to access the web2py admin on webfaction?
There is this:
http://docs.webfaction.com/user-guide/databases.html#starting-an-ssh-tunnel-with-putty
But it pertains to accessing databases.
