Apache restricted folder access problems

  • AnarchY SI
  • Web Master
  • Web Master
  • User avatar
  • Posts: 2521
  • Loc: /usr/src/MI

Post 3+ Months Ago

hey, i'm trying to make certain folders i have on my server restricted so that just my friends and i can access them, however i DO have access to the servers config file (considering its on my reg. pc) so instead of using .htaccess files..i'm using the <Directory> instructions in my httpd.conf file. however, for some reason i'm having a problem w/my user auth. i have my .htpasswd file and the location to it correct in my <Directory></Directory> "tags"(?) but when i try to login with any of the names / passwords, it wont login and wont let me. i know absolutely that tha usernames and passwords are right. i've restarted the httpd service multiple times.

i'm running Fedora Core 4 x86_64 with Apache 2.

any ideas on what could be wrong?
thanks
  • Anonymous
  • Bot
  • No Avatar
  • Posts: ?
  • Loc: Ozzuland
  • Status: Online

Post 3+ Months Ago

  • Daemonguy
  • Moderator
  • Web Master
  • User avatar
  • Posts: 2700
  • Loc: Somewhere outside the box in Sarasota, FL.

Post 3+ Months Ago

Give us the listing in that config file; are you using the AuthUserFile directive?
  • AnarchY SI
  • Web Master
  • Web Master
  • User avatar
  • Posts: 2521
  • Loc: /usr/src/MI

Post 3+ Months Ago

Quote:
<Directory "/var/www/html/downloads/privdl">
AuthUserFile "/var/www/****/.htpasswd"
AuthName "Your Name, you know the password.."
AuthType Basic
Options Indexes

<Limit GET POST>
require user ross
require user tim
require user chris
</Limit>
</Directory>
  • Daemonguy
  • Moderator
  • Web Master
  • User avatar
  • Posts: 2700
  • Loc: Somewhere outside the box in Sarasota, FL.

Post 3+ Months Ago

AnarchY SI wrote:
Quote:
<Directory "/var/www/html/downloads/privdl">
AuthUserFile "/var/www/****/.htpasswd"
AuthName "Your Name, you know the password.."
AuthType Basic
Options Indexes

<Limit GET POST>
require user ross
require user tim
require user chris
</Limit>
</Directory>


Ok, a couple of minor points to clear up first.

First, with some things, Apache is sensitive about directive order; so move them into this precedence, just to be sure;

Code: [ Select ]
 
AuthType Basic 
AuthName "Your name; you know the password ...." 
AuthUserFile "/var/www/****/authfilename" 
  1.  
  2. AuthType Basic 
  3. AuthName "Your name; you know the password ...." 
  4. AuthUserFile "/var/www/****/authfilename" 

I am going to stop there a sec; I have rearranged the directives, corrected some vernacular :) , and altered your passfile name. I hope you are NOT putting the passfile in the same tree as the content -- that is a serious no-no. Also, I would not use a dot file name, and certainly not htpasswd, which is the command to make the encrypted passwords.

That brings me to another point. You DID actually create the passfile using htpasswd, right? Sorry if the question seems 'basic', but I had to know.

Ok, pressing on.
Here's what i think would be easier to manage, versus 'requiring' each user; use groups.

Code: [ Select ]
 
AuthGroupFile "/var/www/****/authgroupname" 
Require group friends 
  1.  
  2. AuthGroupFile "/var/www/****/authgroupname" 
  3. Require group friends 


You don't need 'limits' -- the usefulness of that directive has been deprecated and was sadly blown out of proportion for too many years.

In the AuthGroupName, which I called 'authgroupname' -- clever, I know -- you have the following syntax;
Code: [ Select ]
 
friends: ross tim chris 
  1.  
  2. friends: ross tim chris 


Now, it checks the group in the groupfile, sends the name over to the userfile and verifies the password.
Now when you need to add someone, you simply have to edit the group and user files and the apacheconfig will pick up the change.

That should work.

Cheers.

Post Information

  • Total Posts in this topic: 4 posts
  • Users browsing this forum: No registered users and 36 guests
  • You cannot post new topics in this forum
  • You cannot reply to topics in this forum
  • You cannot edit your posts in this forum
  • You cannot delete your posts in this forum
  • You cannot post attachments in this forum
 
cron
 

© 1998-2014. Ozzu® is a registered trademark of Unmelted, LLC.