Added: Q30: How can I prevent intruders from using my Tahoe-LAFS web-interface?

[Imported from Trac: page FAQ, version 92]
2013-04-25 11:28:00 +00:00 · 2013-04-25 11:28:00 +00:00 · f2fff209da
parent 071b5d3467
commit f2fff209da
1 changed files with 6 additions and 1 deletions
--- a/FAQ.md
+++ b/FAQ.md
@ -206,3 +206,8 @@ A: It depends on multiple factors starting from your hardware and ending with TP
 Practically the following results have been reported: **16Mbps in throughput for writing and about 8.8Mbps in reading** (based on Grid of 24 storage nodes on 24 VM's running under OpenStack in 4 data centres; each VM had two 2 VCPU's, 4GB of RAM, and 50GB of disk space).

 You can read the following section for more details: [Performance](https://tahoe-lafs.org/trac/tahoe-lafs/wiki/Performance).
+
+**<a name="Q30_authorization">Q30:</a> How can I prevent intruders from using my Tahoe-LAFS web-interface? Even without knowing exact object caps they will be able to see stats and upload objects.**
+
+A: There is no such built-in authorization capability in Tahoe-LAFS. Security is based on secret object caps.
+Meanwhile you can forbid unauthorized access to your Tahoe-LAFS WUI by using firewall (iptables, ipfw etc.) and combining it with proxy-server authorization and redirection (nginx, apache, squid etc.)