- HCL Connections Newsletter v2 and Join Community requests
- Show Community Create Button only to users with role "community-creator"
- Makefile to process all Asciidoctor files in a directory
- Update on the Touchpoint workaround
- Linkdump Week 44 / 2020
- Linkdump Week 42 / 2020
- Linkdump Week 41 / 2020
- Elasticsearch index creation problem
- Linkdump Week 40 / 2020
- Selfhost Shaarli
You can log login errors within IBM Http Server. One way would be to get use SetEnvIf, but then you can’t get the querystring of the error page. When you type a wrong password the URL changes from https://connectionshost/application/login/ to https://connectionshost/application/login/?error=true. SetEnvIf Request_URI "/login$" log This set the environment variable to log, but when you read the Apache documentation you find: The resource requested on the HTTP request line — generally the portion of the URL following the scheme and host portion without the query string. See the RewriteCond directive of mod_rewrite for extra information on how to match your query string
Preamble Before i begin with my securing article, i want to say something on security on IBM Connections. Mainly i don’t like the thing, that IBM only support very special versions of software. So we must use WebSphere 184.108.40.206, DB2 220.127.116.11, IHS 18.104.22.168 and so on. Each product had updates the last months and i think we won’t get support when we use other versions. So i have to chances. On the first side i can update my software to limit vulnerabilities and get perhaps no support, or i will have vulerable software with support. Just my 2 cent and i hope i will get answer, if i will get support with higher program versions.