Macromedia flash media server 2-managing flash media server ユーザーズマニュアル
216
Flash Media Server Security
Edit the security tags in the configuration files
Utilize the limits that can be set in the
server’s configuration files. Use the following tags in the configuration files to enhance the
server’s security:
server’s security:
■
Server.xml file
The
HostPort
tag nested in
AdminServer
container allows you to specify the port of your
choice for connecting to the Admin service with the management console. This allows
you to use a port that will work with your firewall configuration. The default is port 1111.
you to use a port that will work with your firewall configuration. The default is port 1111.
The
ServerDomain
tag lets you specify the domain that the Flash Media Server is running
in so that it can identify its domain to application servers you may want it to connect to.
The
SSL
tags let you specify your digital certificates used for client connections. If you
want secure connections using the RTMPS protocol, you must enter appropriate values in
the
the
SSL
tags.
■
Users.xml file
The
User
tags allow you to specify exactly who can connect to the server with the
management console. Only users specified with these tags can connect.
The
Allow
and
Deny
tags let you specify exactly which domains administrators can
connect from. Administrators cannot connect from domains that are not permitted with
these tags. If you are running the server on a Linux system, remember to allow
connections from the domains where administrators will use the console to manage and
monitor the server and its running applications.
these tags. If you are running the server on a Linux system, remember to allow
connections from the domains where administrators will use the console to manage and
monitor the server and its running applications.
■
Adaptor.xml file
The
Allow
and
Deny
tags let you specify exactly which domains administrators can
connect from. Administrators cannot connect from domains that are not permitted with
these tags. These tags indicate permissions specifically for the adaptor. If you are running
the server on a Linux system, remember to allow connections from the domains where
administrators will use the console to manage and monitor the server and its running
applications.
these tags. These tags indicate permissions specifically for the adaptor. If you are running
the server on a Linux system, remember to allow connections from the domains where
administrators will use the console to manage and monitor the server and its running
applications.
The
HostPort
tag allows you to specify the port to use for client connections and specify
if a port is secure or not. This lets you choose a port that works with your firewall
configuration. The default for RTMP connections is port 1935. The
configuration. The default for RTMP connections is port 1935. The
secure
attribute of
the
HostPort
tag, set to a value of
true
, allows you to specify that the port uses secure
FRTMP (RTMPS) for client connections. The default secure port is 443.
■
Vhost.xml file
The
MaxConnectionThreads
tag nested in the
ResourceLimits container
allows you
to limit the number of threads to use for processing input/output requests. This prevents
denial-of-service attacks from bringing down the server computer itself.
denial-of-service attacks from bringing down the server computer itself.