About Us

History and Intro

Bio Info

Expertise

Securing your SEQUEST Browser

Author:   Mark Hail  
Posted: 1/5/01; 6:38:43 PM
Topic: Securing your SEQUEST Browser
Msg #: 130 (top msg in thread)
Prev/Next: 125/137
Reads: 18599

Overview: You're running the SEQUEST browser on your corporate network and you don't want just any old hack to have access to your site.  This SEQUEST tip will show you how to get started in securing your SEQUEST site from the rest of the world.

First, there's no need to panic.  If you are running the SEQUEST browser behind your corporate firewall, people outside of your company should not be able to access your site.  However, that said, an extra level of protection can't hurt.  Especially, if you are acquiring a lot of proprietary proteomics data.  The WebSite Pro software has a lot of security features.  For example, if you are really concerned about unauthorized access, you can limit access to specific IP addresses.  In this exercise, we are going to set up security by setting up Users and Groups to allow different access priviledges to the appropriate users as desired. 

We have a server running the SEQUEST browser, and we have set up the WebSite Pro software (included with the SEQUEST browser) to limit access to our site.  Unless you have a valid username and password, you can't get in.

Show me the money, I want security! Here's what you need to do.  You need to set up Users and/or Groups and set permissions for those Users/Groups for your web directories.  I have set up both admin (aka, super users) and regular users (aka, stupor users) on our site, which is what I'll demonstrate here.  First you need to access the Server Properties for the Website Pro Software.  Do this from your Windows NT start menu as shown below:

server properties:

Once the Server Properties control panel is up. You need to setup Groups.  Click on the Groups tab. Select the WebServer Authentication realm.  You should already have Users and Administrators groups, as part of the standard WebSite Pro installation.  Use the Group drop down box to check.  If Users and Administrators groups are not there,  create them. Below, you can see that only users mhail and Admin are part of the Administrators group and have admin priviledges on our website.  The users ddetlefsen, hootie, and jwhitney are not members of the Administrators group.

admin group:

The regular users group has everyone as a member as shown below:

users group:

Now, if you click on the Users tab in the server properties window, you can configure the users and to which group they belong.  When you click on User|New..., you can set the name of the users and a password for each.  In our example below, the user hootie is a member of the regular Users group, but not a member of the Administrators group.  Still confused?  Have a beer, and read the WebSite Pro help by clicking on the Help button in your server properties window.

user website access:

We're not quite done yet.   What we've done so far is defined a group of potential users for your site. We've set up a general users group and an admin group. Now you have to tell the WebSite software which users can use what.  In the default state, everyone on your network can access your webserver.  This is why I write this. Now, click on the Access Control tab in the server properties window.  In the URL Path dropdown it should be displaying "/".  This is the server root directory.  In the default installed state,  the authorized users and groups box is empty, which allows anyone on the network to access your site and all subdirectories thereof.  As you can see below, I have made a few modifications.  I have added the Administrators and Users groups to the authorized users list.  This means that only these authorized users will be able to access the site.  The other thing that I have done is that I have selected Disable directory listings. This prevents everyone from seeing things that you may not want to show them.

root access:

The way the WebSite software works is that it applies a global security directive to all subdirectories until it encounters another directive.  So if you disable directory listings at the root level, then all of the directories served by the WebSite software will not be able to show directory contents.  The SEQUEST browser needs to allow directory listings for its directories. Therefore,  you can enable directory listings for the /sequest directory by unchecking the Disable directory listings checkbox for this directory as shown below.

sequest access:

For additional information, you may want to check out:

  • The online documentation for your WebSite Pro software: (for example, depending on where you have installed it C:\WebSite\Admin\Help\SrvAdmin\index.html ).  You may want to pay particular attention to the Access Control Tab Help in the server properties if you are interested in limiting access by IP.  Refer to the section on Class Restrictions on how to set this up.
  • UPDATE: O'Reilly recently sold Website Pro to another company (Deerfield).  The last update of O'Reilly Website Pro 2.x was 2.5.8.  Website 3.1 is now available from Deerfield.com.   It looks like there are no support options for 2.x Website Pro users, but you can upgrade to 3.1 for $150.  Deerfield maintains a users forum which may be helpful if you have support issues on WSPro 2.x versions.  Of course there's always Microsoft IIS if you want to open up another "can of worms".
  • Read on, for more SEQUEST tips...
n-Print: Print n-Mail: Mail this page

©Copyright 2000-2008 Novatia LLC
Disclaimer and terms of usage
e-mail: info@enovatia.com

This is a Manila Site:

Home About Us Analyses Products Consulting Research Info