Nice document, have you done the part 3 yet ? for security purposes we're asked to block access to the CSA web interface from the internet.
I've thought about adding an .htaccess file or just moving gsb folder but I don't want to mess up our CSA.
I would like to implement the same thing, does anyone have instructions on how to do this?
I plan to do part 3, but have not had a chance yet. Here is a brief rundown if you want to get a head start.
This assumes you have read part 1 and 2, and are familiar with the process to work with the CSA files referenced below. They are located in the same directory as client.vroot which we worked with previously.
Option 1. To disable the entire web interface, but still be able to directly browse out to the management interface. (e.g https://ldcsa/gsb)
- Rename Index.tmpl to Index.tmpl-off
- Reboot CSA
Option 2. Leave the web interface functional, but completely disable the management interface. (Note: this will also disable the direct management interface. Only way to restore functionality is to rename the file back to original name)
- Rename gsbweb.vroot to gsbweb.vroot-off
- Reboot CSA
Agent functionality remains since it utilizes different web services, but make sure you test test test and be aware this is not supported by LANDESK.