ownCloud Routing
-
@scottalanmiller said:
@alex.olynyk said:
@scottalanmiller said:
@alex.olynyk said:
@scottalanmiller said:
I'm assuming that you do not have a DMZ?
All internet goes through Windstream so I dont think so
That's not relevant, a DMZ is on your side of the Internet.
I have a DMZ port on the SonicWALL
There is a SonicWall? Where did this come into the conversation?
We have a SonicWALL but it only does VPNs
-
Are you trying to reference the ownCloud by IP or by hostname?
-
-
@alex.olynyk said:
@scottalanmiller said:
Are you trying to reference the ownCloud by IP or by hostname?
IP
Well that's your problem. You can't do that. Fix that first THEN let's work on getting things working as needed. You don't give users IP addresses, that's nuts. Your BOSS thinks this is okay? And he's so dedicated to it that he is using it as an excuse to bypass the FIREWALL?
-
@scottalanmiller said:
@alex.olynyk said:
@scottalanmiller said:
Are you trying to reference the ownCloud by IP or by hostname?
IP
Well that's your problem. You can't do that. Fix that first THEN let's work on getting things working as needed. You don't give users IP addresses, that's nuts. Your BOSS thinks this is okay? And he's so dedicated to it that he is using it as an excuse to bypass the FIREWALL?
Yes
-
What steps do i need to take to access it by hostname?
-
@alex.olynyk said:
@scottalanmiller said:
@alex.olynyk said:
@scottalanmiller said:
Are you trying to reference the ownCloud by IP or by hostname?
IP
Well that's your problem. You can't do that. Fix that first THEN let's work on getting things working as needed. You don't give users IP addresses, that's nuts. Your BOSS thinks this is okay? And he's so dedicated to it that he is using it as an excuse to bypass the FIREWALL?
Yes
If you were to be audited for this, a good auditor would use the term "professional negligence." That means an error so large that puts the business at risk and so inappropriate that a judge would consider lifting employee protections so that the company can prosecute criminal action against the person who did it. This is a level of security blunder so great that your boss has the responsibility to go to management and tell them that he's not qualified to be doing what he is doing and is in over his head to a point where he is a danger to the business. Not doing so puts him in deep legal hot water.
-
@alex.olynyk said:
What steps do i need to take to access it by hostname?
First, set ownCloud to send out hostnames. It needs to be configured with a name, not an IP address. So something like owncloud.mycompany.com for example. (We used oc.ntg.co since we are ntg.co and we like short names.)
-
@scottalanmiller said:
@alex.olynyk said:
What steps do i need to take to access it by hostname?
First, set ownCloud to send out hostnames. It needs to be configured with a name, not an IP address. So something like owncloud.mycompany.com for example. (We used oc.ntg.co since we are ntg.co and we like short names.)
so rename the centos box to something like owncloud.mycompanyname.com?
-
Once you have ownCloud seeing itself as having a hostname, this should be in the admin settings, then the emails that it sends out should look right. That is step one.
-
@alex.olynyk said:
@scottalanmiller said:
@alex.olynyk said:
What steps do i need to take to access it by hostname?
First, set ownCloud to send out hostnames. It needs to be configured with a name, not an IP address. So something like owncloud.mycompany.com for example. (We used oc.ntg.co since we are ntg.co and we like short names.)
so rename the centos box to something like owncloud.mycompanyname.com?
The CentOS box has its own hostname that will not update ownCloud. But having them match is not a bad idea.
In CentOS it is simply:
vi /etc/hostname
-
and add that name to trusted domains?
-
@scottalanmiller said:
If you were to be audited for this, a good auditor would use the term "professional negligence." That means an error so large that puts the business at risk and so inappropriate that a judge would consider lifting employee protections so that the company can prosecute criminal action against the person who did it. This is a level of security blunder so great that your boss has the responsibility to go to management and tell them that he's not qualified to be doing what he is doing and is in over his head to a point where he is a danger to the business. Not doing so puts him in deep legal hot water.
Damn....... !!! Scott's ripping on someone
-
@alex.olynyk said:
and add that name to trusted domains?
You can do that, not normally needed, but it might be in your case.
-
@DustinB3403 said:
Damn....... !!! Scott's ripping on someone
Using "not fixing something simple as an excuse to turn off security" could be classified as a form of social engineering and is very serious.
-
Oh I agree, just the response was very strongly worded.
-
@alex.olynyk said:
What steps do i need to take to access it by hostname?
If you're using apache (I will assume you are) you need to edit your virtualhost:80 and virtualhost:443 to have the ServerName be owncloud.mycompany.com.
-
Once you have the hostname set up you can handle things in a few different ways...
Externally you need to make a DNS entry (A record) for the new server and point to the public IP address of the server. That must be done. Once that is done, external will just work. Internal might but it sounds unlikely.
Internally you can do something as simple as putting that server into the hosts files on the individual machines. A pain, but simple and it works.
You can put a DNS entry in for it internally on your internal DNS. This works better.
-
@DustinB3403 said:
@scottalanmiller said:
If you were to be audited for this, a good auditor would use the term "professional negligence." That means an error so large that puts the business at risk and so inappropriate that a judge would consider lifting employee protections so that the company can prosecute criminal action against the person who did it. This is a level of security blunder so great that your boss has the responsibility to go to management and tell them that he's not qualified to be doing what he is doing and is in over his head to a point where he is a danger to the business. Not doing so puts him in deep legal hot water.
Damn....... !!! Scott's ripping on someone
I think @JaredBusch said it appropriately in the last thread. @alex-olynyk and their boss need to get an MSP or someone in to fix this mess before it does any serious harm, if it hasn't already, to the company.
-
@coliver said:
@DustinB3403 said:
@scottalanmiller said:
If you were to be audited for this, a good auditor would use the term "professional negligence." That means an error so large that puts the business at risk and so inappropriate that a judge would consider lifting employee protections so that the company can prosecute criminal action against the person who did it. This is a level of security blunder so great that your boss has the responsibility to go to management and tell them that he's not qualified to be doing what he is doing and is in over his head to a point where he is a danger to the business. Not doing so puts him in deep legal hot water.
Damn....... !!! Scott's ripping on someone
I think @JaredBusch said it appropriately in the last thread. @alex-olynyk and their boss need to get an MSP or someone in to fix this mess before it does any serious harm, if it hasn't already, to the company.
they are doing this now