Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
O
O
other_letter2015-02-06 13:11:49
Apache HTTP Server
other_letter, 2015-02-06 13:11:49

How to implement "iron" keys to access the site?

Finally, we are gradually establishing a convenient work outside the office.
Document flow and work schedules "run" through 1C. And so, through Apache, we published our 1C to the Internet.
Everything seems to be normal and relatively safe.
But something is restless to me - users give passwords to each other within the office, but here "God himself ordered" - you won’t figure it out right away what’s what.
Sooner or later, someone will write the password on a piece of paper, and lose the piece of paper. And okay, if everything is in order with security inside 1C. But this, in theory, can also be a manager who is admitted to a lot of what "dirty linen".
In short, I want to think about the "iron keys".
Do not advise Crypto-Pro and so on, okay? It costs a lot of money, they won’t give me for the experiment.
Can you tell me something like checking, for example, for a certain file on a flash drive? Or on the ID of the flash drive? Or something else that can be considered "iron". Of course, I want it to be controlled - at least by a list of IDs somewhere in the script.
In general, a simple certificate would also be suitable, which must be registered somewhere on the computer. Which can be declared invalid. But I really don't know how it's done.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

6 answer(s)
Report
W
William Thorn, 2015-02-06
@xydope

habrahabr.ru/post/238589
habrahabr.ru/post/133481
+802.1x look
search
habrahabr.ru/search/?q=%D0%B4%D0%B2%D1%83%D1%85%D1...

Report
N
Nikolai Korabelnikov, 2015-02-06
@nmk2002

You can set up certificate authentication on Apache.
Certificates can also be stored on flash drives.
Look for manuals by the words "apache client cetrificate authentication".
Thus, no one will be able to access your 1C without a certificate.

Report
S
sasha, 2015-02-06
@madmages

I recommend google authenticator. This bucket rolls onto the user's phone and generates tokens once a minute. Each user has its own generator, which is attached to the user ID.

Report
K
kodi, 2015-02-06
@kodi

other_letter

In short, I want to think about the "iron keys".
Do not advise Crypto-Pro and so on, okay? It costs a lot of money, they won’t give me for the experiment.

Look at VipNet, I heard something about their free of charge in relation to Crypto-Pro.

Report
V
ValeraValera, 2017-09-19
@yynazare

All browsers:

.navbar {
    position: relative;
}

.logo-wrapper {
    position: absolute;
    left: 50%;
    transform: translateX(-50%);
}

New browsers:
.navbar {
    display: flex;
    width: 1200px;
    height: 200px;
}

.logo-wrapper {
    width: 100px;
    margin: auto;
}

Report
O
Oleg, 2017-09-19
@politon

Lots of options! It all depends on the required design for small versions

Similar questions
J
Jedi2018-12-16 04:12:40
How to write it in Koa? 3Reply
A
apptimeru2018-06-27 12:10:49
How to restrict access to site resources from certain ip? 0Reply
T
Tim32016-02-11 15:23:15
squidanalyzer configuration? 1Reply
C
chs_voks2016-02-13 20:24:41
How to properly proxy an SSL site in Apache 2.4? 2Reply
A
AlexanderShustik2016-02-14 21:49:54
Apache 2.4.18 on Mac OS XI, how to update? 0Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question