RES Hyperdrive Secure those /VA admin pages
RES HyperDrive is configured via a admin webpage reachable on the default web url of the appliance https://fqdn/va. When you connect to the admin page you have to enter the appliance password to be able to configure the HyperDrive appliance.
The problem here is that anyone who knows the appliance URL is able to browse to the VA page and there is no option to disable this page on a certain interface. Although you need the appliance password for this this leaves you with a security risk.
The solution proposed by RES Software is to just delete all of the files in the VA folder but this means that you as an administrator are disallowing yourself to ever change anything on the admin pages again.
The nicest thing here would be to have an option to enable/disable the VA admin pages which is not available.
After some searching on the appliance in the default web site path /var/www/html we see that the /va “folder” is just a symbolic link to /usr/local/nomadesk-vaconfig/……..
This gives us some options because there’s nothing easier then removing a symbolic link with the unlink command. If we would ever need the VA pages again we simply ecreate the symbolic link.
Now we get to the cool part of this blog!
Do you remember we manage RES HyperDrive with RES Automation Manager? Since we do, we have a running Linux Automation Manager agent on the HyperDrive appliance. I’ve created two jobs called enable/disable HyperDrive VA pages which are attached to this blog post for your pleasure!
Leave a Reply