Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU

BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Password protecting sites w/ Apache2

Hi Chris,

What modules do you have enabled? It sounds like you don't have
mod_auth_basic enabled. You should be able to enable it with this
command:
a2enmod auth_basic

Or create a symbolic link (on Ubuntu 10.04)
from /etc/apache2/mods-enabled/auth_basic.load
to /etc/apache2/mods-available/auth_basic.load 

If that's not the case have a look at Apache's error log, the location
will vary depending on which distro your using.

Cheers
Mick Timony

On Fri, 2010-06-04 at 16:02 -0400, Chris O'Connell wrote:

> Greetings All,
> 
> I have really been working hard on password protecting two sites on my box
> for the last few days.  I've read all the documentation and am sure I'm
> doing everything right, but for whatever reason I just can't get this to
> work.
> The sites are:
> /var/www/ (/ of the webserver)
> /var/www/base/ (/base on the web server).
> 
> I've created .htaccess files in each of the directories as follows:
> *root at SJ-MA-LX-Nagios:/var/www# cat .htaccess*
> *AuthUserFile /usr/local/nagios/etc/htpasswd.users*
> *AllowOverride All*
> *#AuthGroupFile /dev/null*
> *AuthType Basic*
> *AuthName "Web Server"*
> *AuthType Basic*
> *require user nagiosadmin*
> 
> I put the same file in the /var/www/base folder.
> 
> I found that these two files did not have the desired impact of prompting a
> user for a username and password when they visited my site.  Documentation I
> read said that there needed to be a <directory> entry in the
> /etc/apache2/httpd.conf file.  My file only appears to have the following
> line:
> 
> *nagios at SJ-MA-LX-Nagios:/etc/apache2$ cat /etc/apache2/httpd.conf*
> *SetEnv LD_LIBRARY_PATH $LD_LIBRARY_PATH:/usr/lib:/usr/local/lib:*
> 
> I added the following to the file without any luck:
> 
> *<Directory "/var/www/base">*
> *#  SSLRequireSSL*
> *   Options None*
> *   AllowOverride All*
> *   Order allow,deny*
> *   Allow from all*
> *#  Order deny,allow*
> *#  Deny from all*
> *#  Allow from 127.0.0.1*
> *   AuthName "Basic Analysis and Security Engine (BASE)"*
> *   AuthType Basic*
> *   AuthUserFile /usr/local/nagios/etc/htpasswd.users*
> *   Require valid-user*
> *</Directory>*
> *
> *
> I've tried adding this set of code to the
> /etc/apache2/sites-available/default with no results.  The only time I can
> get a result is when I change the AllowOverride for the root to something
> other than NONE.
> 
> I'll post my default file, any thoughts?
> *nagios at SJ-MA-LX-Nagios:~$ cat /etc/apache2/sites-available/default*
> *<VirtualHost *:80>*
> *        ServerAdmin webmaster at localhost*
> *
> *
> *        DocumentRoot /var/www*
> *        <Directory />*
> *                Options FollowSymLinks*
> *                AllowOverride none*
> *                Allow from 127.0.0.1*
> *        </Directory>*
> *        <Directory /var/www/>*
> *                Options Indexes FollowSymLinks MultiViews*
> *                AllowOverride none*
> *                Order allow,deny*
> *                allow from all*
> *#               AuthType Basic*
> *                Allow from 127.0.0.1*
> *#               AuthUserFile /usr/local/nagios/etc/htpasswd.users*
> *#               Require valid-user*
> *        </Directory>*
> *
> *
> *        ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/*
> *        <Directory "/usr/lib/cgi-bin">*
> *                AllowOverride None*
> *                Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch*
> *                Order allow,deny*
> *                Allow from all*
> *        </Directory>*
> *
> *
> *        ErrorLog /var/log/apache2/error.log*
> *
> *
> *        # Possible values include: debug, info, notice, warn, error, crit,*
> *        # alert, emerg.*
> *        LogLevel warn*
> *
> *
> *        CustomLog /var/log/apache2/access.log combined*
> *
> *
> *    Alias /doc/ "/usr/share/doc/"*
> *    <Directory "/usr/share/doc/">*
> *        Options Indexes MultiViews FollowSymLinks*
> *        AllowOverride None*
> *        Order deny,allow*
> *        Deny from all*
> *        Allow from 127.0.0.0/255.0.0.0 ::1/128*
> *    </Directory>*
> *
> *
> *#<Directory /base>*
> *#   AllowOverride AuthConfig*
> *#   AuthName "Basic Analysis and Security Engine (BASE)"*
> *#   AuthType Basic*
> *#   AuthUserFile /usr/local/nagios/etc/htpasswd.users Require valid-user*
> *#</Directory>*
> *
> *
> *<Directory "/base">*
> *#  SSLRequireSSL*
> *   Options None*
> *   AllowOverride All*
> *   Order allow,deny*
> *   Allow from all*
> *#  Order deny,allow*
> *#  Deny from all*
> *#  Allow from 127.0.0.1*
> *   AuthName "Basic Analysis and Security Engine (BASE)"*
> *   AuthType Basic*
> *   AuthUserFile /usr/local/nagios/etc/htpasswd.users*
> *   Require valid-user*
> *</Directory>*
> *
> *
> *<Directory "/var/www/base">*
> *#  SSLRequireSSL*
> *   Options None*
> *   AllowOverride All*
> *   Order allow,deny*
> *   Allow from all*
> *#  Order deny,allow*
> *#  Deny from all*
> *#  Allow from 127.0.0.1*
> *   AuthName "Basic Analysis and Security Engine (BASE)"*
> *   AuthType Basic*
> *   AuthUserFile /usr/local/nagios/etc/htpasswd.users*
> *   Require valid-user*
> *</Directory>*
> *
> *
> *</VirtualHost>*
> 
> 
> Thanks!!!!
> _______________________________________________
> Discuss mailing list
> Discuss-mNDKBlG2WHs at public.gmane.org
> http://lists.blu.org/mailman/listinfo/discuss
BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!

Boston Linux & Unix / webmaster@blu.org