Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Password protecting sites w/ Apache2



Greetings All,

I have really been working hard on password protecting two sites on my box
for the last few days.  I've read all the documentation and am sure I'm
doing everything right, but for whatever reason I just can't get this to
work.
The sites are:
/var/www/ (/ of the webserver)
/var/www/base/ (/base on the web server).

I've created .htaccess files in each of the directories as follows:
*root at SJ-MA-LX-Nagios:/var/www# cat .htaccess*
*AuthUserFile /usr/local/nagios/etc/htpasswd.users*
*AllowOverride All*
*#AuthGroupFile /dev/null*
*AuthType Basic*
*AuthName "Web Server"*
*AuthType Basic*
*require user nagiosadmin*

I put the same file in the /var/www/base folder.

I found that these two files did not have the desired impact of prompting a
user for a username and password when they visited my site.  Documentation I
read said that there needed to be a <directory> entry in the
/etc/apache2/httpd.conf file.  My file only appears to have the following
line:

*nagios at SJ-MA-LX-Nagios:/etc/apache2$ cat /etc/apache2/httpd.conf*
*SetEnv LD_LIBRARY_PATH $LD_LIBRARY_PATH:/usr/lib:/usr/local/lib:*

I added the following to the file without any luck:

*<Directory "/var/www/base">*
*#  SSLRequireSSL*
*   Options None*
*   AllowOverride All*
*   Order allow,deny*
*   Allow from all*
*#  Order deny,allow*
*#  Deny from all*
*#  Allow from 127.0.0.1*
*   AuthName "Basic Analysis and Security Engine (BASE)"*
*   AuthType Basic*
*   AuthUserFile /usr/local/nagios/etc/htpasswd.users*
*   Require valid-user*
*</Directory>*
*
*
I've tried adding this set of code to the
/etc/apache2/sites-available/default with no results.  The only time I can
get a result is when I change the AllowOverride for the root to something
other than NONE.

I'll post my default file, any thoughts?
*nagios at SJ-MA-LX-Nagios:~$ cat /etc/apache2/sites-available/default*
*<VirtualHost *:80>*
*        ServerAdmin webmaster at localhost*
*
*
*        DocumentRoot /var/www*
*        <Directory />*
*                Options FollowSymLinks*
*                AllowOverride none*
*                Allow from 127.0.0.1*
*        </Directory>*
*        <Directory /var/www/>*
*                Options Indexes FollowSymLinks MultiViews*
*                AllowOverride none*
*                Order allow,deny*
*                allow from all*
*#               AuthType Basic*
*                Allow from 127.0.0.1*
*#               AuthUserFile /usr/local/nagios/etc/htpasswd.users*
*#               Require valid-user*
*        </Directory>*
*
*
*        ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/*
*        <Directory "/usr/lib/cgi-bin">*
*                AllowOverride None*
*                Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch*
*                Order allow,deny*
*                Allow from all*
*        </Directory>*
*
*
*        ErrorLog /var/log/apache2/error.log*
*
*
*        # Possible values include: debug, info, notice, warn, error, crit,*
*        # alert, emerg.*
*        LogLevel warn*
*
*
*        CustomLog /var/log/apache2/access.log combined*
*
*
*    Alias /doc/ "/usr/share/doc/"*
*    <Directory "/usr/share/doc/">*
*        Options Indexes MultiViews FollowSymLinks*
*        AllowOverride None*
*        Order deny,allow*
*        Deny from all*
*        Allow from 127.0.0.0/255.0.0.0 ::1/128*
*    </Directory>*
*
*
*#<Directory /base>*
*#   AllowOverride AuthConfig*
*#   AuthName "Basic Analysis and Security Engine (BASE)"*
*#   AuthType Basic*
*#   AuthUserFile /usr/local/nagios/etc/htpasswd.users Require valid-user*
*#</Directory>*
*
*
*<Directory "/base">*
*#  SSLRequireSSL*
*   Options None*
*   AllowOverride All*
*   Order allow,deny*
*   Allow from all*
*#  Order deny,allow*
*#  Deny from all*
*#  Allow from 127.0.0.1*
*   AuthName "Basic Analysis and Security Engine (BASE)"*
*   AuthType Basic*
*   AuthUserFile /usr/local/nagios/etc/htpasswd.users*
*   Require valid-user*
*</Directory>*
*
*
*<Directory "/var/www/base">*
*#  SSLRequireSSL*
*   Options None*
*   AllowOverride All*
*   Order allow,deny*
*   Allow from all*
*#  Order deny,allow*
*#  Deny from all*
*#  Allow from 127.0.0.1*
*   AuthName "Basic Analysis and Security Engine (BASE)"*
*   AuthType Basic*
*   AuthUserFile /usr/local/nagios/etc/htpasswd.users*
*   Require valid-user*
*</Directory>*
*
*
*</VirtualHost>*


Thanks!!!!






BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org