On 11.02.10 10:46, J. Webster wrote: > I have changed the config and can now login to the cache manager. > This was in the conf already: > http_access deny CONNECT !SSL_ports > > So, the issue remains whether allowing password access to the cache manager is enough. > How else can this be made more secure? I guess not if the only way for me to access it is through a public IP address. I think allowing managr only on https_port should work and help... -- Matus UHLAR - fantomas, uhlar@xxxxxxxxxxx ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. The 3 biggets disasters: Hiroshima 45, Tschernobyl 86, Windows 95