"Fossies" - the Fresh Open Source Software Archive

Member "ampache-5.0.0/docs/API-acls.md" (31 Aug 2021, 2355 Bytes) of package /linux/www/ampache-5.0.0.tar.gz:


As a special service "Fossies" has tried to format the requested source page into HTML format (assuming markdown format). Alternatively you can here view or download the uninterpreted source code file. A member file download can also be achieved by clicking within a package contents listing on the according byte size field. See also the latest Fossies "Diffs" side-by-side code changes report for "API-acls.md": 4.4.3_vs_5.0.0.

Ampache supports internal Access Control Lists, these are IP/DNS based restrictions on different actions and interactions with Ampache. By Default Access Controls lists are turned off in Ampache. In order to turn them on you must modify the /config/ampache.cfg.php and set access_control to true

; Use Access List
; Toggle this on if you want ampache to pay attention to the access list
; and only allow streaming/downloading/xml-rpc from known hosts xml-rpc
; will not work without this on.
; NOTE: Default Behavior is DENY FROM ALL
; DEFAULT: false
;access_control = "false"

The default configuration of Ampache's ACLs when enabled is Deny From All. There are a few different types, and levels

Start IP & End IP

This is a range of IP addresses represented by a pair of dotted quad's. This does not have to be within a subnet boundary. Currently only IPV4 is supported.

Any IP Address:

0.0.0.0 - 255.255.255.255

Any 10.x IP Address:

10.0.0.0 - 10.255.255.255

ACL Types

ACL Users

Ampache allows you to define different ACLs to different users. This can be useful for defining connecting an API calls to a username, or to limiting a specific user's streaming access regardless of their IP Address. The default is 'system' which will apply to all users of Ampache.

Access Levels

This setting is not fully implemented, more on this later

Setting up an ACL

ACl's can only be created by Full Administrators. You can find them under the Admin Menu under the submenu Access Control