Securing the smartserver overview, Updating smartserver security settings – Echelon SmartServer 2.2 User Manual

522

Appendix C

– Securing the SmartServer

Securing the SmartServer Overview

You can secure a folder or individual files in the SmartServer using the i.LON Web Server
Securityand Parameters program. This program is included with the SmartServer software. With the
i.LON Web Server Security and Parameters program, you can add a security realm to a
WebParams.dat file. A realm defines which folder or file (URL) can be accessed by which users
(group) and from which IP addresses (location). For more information on basic authentication, see
thefollowing Web site:

www.faqs.org/rfcs/rfc2617.HTML

.

The SmartServer parses the WebParams.dat file upon startup to establish Web page restrictions. The
WebParams.dat file is stored as plain text with no encryption or password protection. This means that
SmartServer’s security is protected from inspection by FTP security (user name and password) only.
You must use proper user names and passwords for FTP access to prevent the WebParams.dat file
from being viewed, as described in Configuring Security Properties in Chapter 3, Configuring and
Managing the SmartServer. In addition, you should secure the computer that you are using to create
the WebParams.dat file.

This appendix does the following:

1. Describes how to update the SmartServer’s default security settings using the i.LON Web Server

Security and Parameters program.

2. Lists the key folders and files in the SmartServer and explains how they should be secured.

3. Provides the formats of the realms that you can add to the WebParams.dat file for securing

folders and files.

4. Demonstrates how to secure SmartServer Web pages based on the number of user groups, the

level of security (minimal to complete password protection), and the types of pages being accessed
(system or custom).

Note: You may need to add a realm for any file in a shared folder that needs to be
secured.Securing User Accounts

Updating SmartServer Security Settings

The SmartServer’s factory default WebParams.dat file allows access to all files under the
root/Webfolder on the SmartServer flash disk from any location by any user. To update the
SmartServer’s security settings, follow these steps:

1. Download via FTP the existing WebParams.dat file from the root directory on the SmartServer

flash disk to your computer.

2. Start the i.LON Web Server Parameter utility. To do this, click Start, point to Programs, point to

Echelon SmartServer Software, and then select SmartServer Web Server Security and
Parameters.

3. Open the WebParams.dat file. To do this, click File, click Open, and then browse to and select

the WebParams.dat file that you saved to your computer in step 1.

4. Update the WebParams.dat file. See the next section in this appendix, Setting Access

Restrictions, for how to do this.

5. Save the updated WebParams.dat file. To do this, click File and then click Save.

6. Upload via FTP the updated WebParams.dat file to the root directory on the SmartServer flash

disk.

7. Reboot the SmartServer to implement the new security settings.