ownCloud Routing
-
@coliver said:
We mentioned previously that you need to configure ownCloud to use the hostname in those shared links. That won't help for external communication but as long as you have the DNS A record pointing to the ownCloud server you won't have an issue internally. You probably have to configure this in the apache file. What you want to do can't be done externally to the ownCloud server. Until you configure this any link you attempt to send out will always have the IP address instead of the hostname.
We dont have a unified domain yet. Its all broken up
-
@scottalanmiller said:
@alex.olynyk said:
@scottalanmiller said:
I'm assuming that you do not have a DMZ?
All internet goes through Windstream so I dont think so
That's not relevant, a DMZ is on your side of the Internet.
I have a DMZ port on the SonicWALL
-
@alex.olynyk said:
@coliver said:
We mentioned previously that you need to configure ownCloud to use the hostname in those shared links. That won't help for external communication but as long as you have the DNS A record pointing to the ownCloud server you won't have an issue internally. You probably have to configure this in the apache file. What you want to do can't be done externally to the ownCloud server. Until you configure this any link you attempt to send out will always have the IP address instead of the hostname.
We dont have a unified domain yet. Its all broken up
That really doesn't matter. You can always go back and change the hostname again to whatever you end up with. From what you've written here you want a hostname in place of the IP address. Is that correct?
-
@alex.olynyk said:
@scottalanmiller said:
@alex.olynyk said:
@scottalanmiller said:
I'm assuming that you do not have a DMZ?
All internet goes through Windstream so I dont think so
That's not relevant, a DMZ is on your side of the Internet.
I have a DMZ port on the SonicWALL
There is a SonicWall? Where did this come into the conversation?
-
@scottalanmiller said:
@alex.olynyk said:
@scottalanmiller said:
@alex.olynyk said:
@scottalanmiller said:
I'm assuming that you do not have a DMZ?
All internet goes through Windstream so I dont think so
That's not relevant, a DMZ is on your side of the Internet.
I have a DMZ port on the SonicWALL
There is a SonicWall? Where did this come into the conversation?
We have a SonicWALL but it only does VPNs
-
Are you trying to reference the ownCloud by IP or by hostname?
-
-
@alex.olynyk said:
@scottalanmiller said:
Are you trying to reference the ownCloud by IP or by hostname?
IP
Well that's your problem. You can't do that. Fix that first THEN let's work on getting things working as needed. You don't give users IP addresses, that's nuts. Your BOSS thinks this is okay? And he's so dedicated to it that he is using it as an excuse to bypass the FIREWALL?
-
@scottalanmiller said:
@alex.olynyk said:
@scottalanmiller said:
Are you trying to reference the ownCloud by IP or by hostname?
IP
Well that's your problem. You can't do that. Fix that first THEN let's work on getting things working as needed. You don't give users IP addresses, that's nuts. Your BOSS thinks this is okay? And he's so dedicated to it that he is using it as an excuse to bypass the FIREWALL?
Yes
-
What steps do i need to take to access it by hostname?
-
@alex.olynyk said:
@scottalanmiller said:
@alex.olynyk said:
@scottalanmiller said:
Are you trying to reference the ownCloud by IP or by hostname?
IP
Well that's your problem. You can't do that. Fix that first THEN let's work on getting things working as needed. You don't give users IP addresses, that's nuts. Your BOSS thinks this is okay? And he's so dedicated to it that he is using it as an excuse to bypass the FIREWALL?
Yes
If you were to be audited for this, a good auditor would use the term "professional negligence." That means an error so large that puts the business at risk and so inappropriate that a judge would consider lifting employee protections so that the company can prosecute criminal action against the person who did it. This is a level of security blunder so great that your boss has the responsibility to go to management and tell them that he's not qualified to be doing what he is doing and is in over his head to a point where he is a danger to the business. Not doing so puts him in deep legal hot water.
-
@alex.olynyk said:
What steps do i need to take to access it by hostname?
First, set ownCloud to send out hostnames. It needs to be configured with a name, not an IP address. So something like owncloud.mycompany.com for example. (We used oc.ntg.co since we are ntg.co and we like short names.)
-
@scottalanmiller said:
@alex.olynyk said:
What steps do i need to take to access it by hostname?
First, set ownCloud to send out hostnames. It needs to be configured with a name, not an IP address. So something like owncloud.mycompany.com for example. (We used oc.ntg.co since we are ntg.co and we like short names.)
so rename the centos box to something like owncloud.mycompanyname.com?
-
Once you have ownCloud seeing itself as having a hostname, this should be in the admin settings, then the emails that it sends out should look right. That is step one.
-
@alex.olynyk said:
@scottalanmiller said:
@alex.olynyk said:
What steps do i need to take to access it by hostname?
First, set ownCloud to send out hostnames. It needs to be configured with a name, not an IP address. So something like owncloud.mycompany.com for example. (We used oc.ntg.co since we are ntg.co and we like short names.)
so rename the centos box to something like owncloud.mycompanyname.com?
The CentOS box has its own hostname that will not update ownCloud. But having them match is not a bad idea.
In CentOS it is simply:
vi /etc/hostname
-
and add that name to trusted domains?
-
@scottalanmiller said:
If you were to be audited for this, a good auditor would use the term "professional negligence." That means an error so large that puts the business at risk and so inappropriate that a judge would consider lifting employee protections so that the company can prosecute criminal action against the person who did it. This is a level of security blunder so great that your boss has the responsibility to go to management and tell them that he's not qualified to be doing what he is doing and is in over his head to a point where he is a danger to the business. Not doing so puts him in deep legal hot water.
Damn....... !!! Scott's ripping on someone
-
@alex.olynyk said:
and add that name to trusted domains?
You can do that, not normally needed, but it might be in your case.
-
@DustinB3403 said:
Damn....... !!! Scott's ripping on someone
Using "not fixing something simple as an excuse to turn off security" could be classified as a form of social engineering and is very serious.
-
Oh I agree, just the response was very strongly worded.