Password protecting sites w/ Apache2
Chris O'Connell
omegahalo-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org
Fri Jun 4 16:02:32 EDT 2010
Greetings All,
I have really been working hard on password protecting two sites on my box
for the last few days. I've read all the documentation and am sure I'm
doing everything right, but for whatever reason I just can't get this to
work.
The sites are:
/var/www/ (/ of the webserver)
/var/www/base/ (/base on the web server).
I've created .htaccess files in each of the directories as follows:
*root at SJ-MA-LX-Nagios:/var/www# cat .htaccess*
*AuthUserFile /usr/local/nagios/etc/htpasswd.users*
*AllowOverride All*
*#AuthGroupFile /dev/null*
*AuthType Basic*
*AuthName "Web Server"*
*AuthType Basic*
*require user nagiosadmin*
I put the same file in the /var/www/base folder.
I found that these two files did not have the desired impact of prompting a
user for a username and password when they visited my site. Documentation I
read said that there needed to be a <directory> entry in the
/etc/apache2/httpd.conf file. My file only appears to have the following
line:
*nagios at SJ-MA-LX-Nagios:/etc/apache2$ cat /etc/apache2/httpd.conf*
*SetEnv LD_LIBRARY_PATH $LD_LIBRARY_PATH:/usr/lib:/usr/local/lib:*
I added the following to the file without any luck:
*<Directory "/var/www/base">*
*# SSLRequireSSL*
* Options None*
* AllowOverride All*
* Order allow,deny*
* Allow from all*
*# Order deny,allow*
*# Deny from all*
*# Allow from 127.0.0.1*
* AuthName "Basic Analysis and Security Engine (BASE)"*
* AuthType Basic*
* AuthUserFile /usr/local/nagios/etc/htpasswd.users*
* Require valid-user*
*</Directory>*
*
*
I've tried adding this set of code to the
/etc/apache2/sites-available/default with no results. The only time I can
get a result is when I change the AllowOverride for the root to something
other than NONE.
I'll post my default file, any thoughts?
*nagios at SJ-MA-LX-Nagios:~$ cat /etc/apache2/sites-available/default*
*<VirtualHost *:80>*
* ServerAdmin webmaster at localhost*
*
*
* DocumentRoot /var/www*
* <Directory />*
* Options FollowSymLinks*
* AllowOverride none*
* Allow from 127.0.0.1*
* </Directory>*
* <Directory /var/www/>*
* Options Indexes FollowSymLinks MultiViews*
* AllowOverride none*
* Order allow,deny*
* allow from all*
*# AuthType Basic*
* Allow from 127.0.0.1*
*# AuthUserFile /usr/local/nagios/etc/htpasswd.users*
*# Require valid-user*
* </Directory>*
*
*
* ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/*
* <Directory "/usr/lib/cgi-bin">*
* AllowOverride None*
* Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch*
* Order allow,deny*
* Allow from all*
* </Directory>*
*
*
* ErrorLog /var/log/apache2/error.log*
*
*
* # Possible values include: debug, info, notice, warn, error, crit,*
* # alert, emerg.*
* LogLevel warn*
*
*
* CustomLog /var/log/apache2/access.log combined*
*
*
* Alias /doc/ "/usr/share/doc/"*
* <Directory "/usr/share/doc/">*
* Options Indexes MultiViews FollowSymLinks*
* AllowOverride None*
* Order deny,allow*
* Deny from all*
* Allow from 127.0.0.0/255.0.0.0 ::1/128*
* </Directory>*
*
*
*#<Directory /base>*
*# AllowOverride AuthConfig*
*# AuthName "Basic Analysis and Security Engine (BASE)"*
*# AuthType Basic*
*# AuthUserFile /usr/local/nagios/etc/htpasswd.users Require valid-user*
*#</Directory>*
*
*
*<Directory "/base">*
*# SSLRequireSSL*
* Options None*
* AllowOverride All*
* Order allow,deny*
* Allow from all*
*# Order deny,allow*
*# Deny from all*
*# Allow from 127.0.0.1*
* AuthName "Basic Analysis and Security Engine (BASE)"*
* AuthType Basic*
* AuthUserFile /usr/local/nagios/etc/htpasswd.users*
* Require valid-user*
*</Directory>*
*
*
*<Directory "/var/www/base">*
*# SSLRequireSSL*
* Options None*
* AllowOverride All*
* Order allow,deny*
* Allow from all*
*# Order deny,allow*
*# Deny from all*
*# Allow from 127.0.0.1*
* AuthName "Basic Analysis and Security Engine (BASE)"*
* AuthType Basic*
* AuthUserFile /usr/local/nagios/etc/htpasswd.users*
* Require valid-user*
*</Directory>*
*
*
*</VirtualHost>*
Thanks!!!!
More information about the Discuss
mailing list