[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 241
  • Last Modified:

APACHE - PASSWORD/VIRTUAL HOST PRBLM ---)

I am currently running APACHE as a web server and have configured .htaccess security files and the have worked propperly, that is they ask for a password when you come to a restricted area of the webpage. BUT ever since I have installed ANY virtual hosts it has not worked AT ALL ANYWHERE although the virtual host does. PLEASE SOMEONE HELP ME... thanks in advanced...
0
TENSOR
Asked:
TENSOR
  • 5
  • 3
1 Solution
 
jlevieCommented:
Do you mean that all user authentication stopped working, real and virtual instances? Or do you mean that the virtual hosts aren't honoring .htaccess files in their respective htdocs directories? Being able to see one of your virtual host config sections would help a lot in our being able to solve this problem.
0
 
TENSORAuthor Commented:
############## THIS SECTION WAS ADDED BY SENTHIL - ###########
NameVirtualHost 63.194.81.67
<VirtualHost 63.194.81.67>
ServerName www.v-solve.com
DocumentRoot /somewhere/abc/html/
AccessFileName .htaccess
</VirtualHost>
########## LELANDSD.COM - SENTHIL #############################
<VirtualHost 63.194.81.67>
ServerAdmin fatalerror404@hotmail.com
ServerName www.lelandsd.com
DocumentRoot /somewhere/else/lelandsd/
AccessFileName .htaccess
</VirtualHost>
<VirtualHost 63.194.81.67>
ServerAdmin fatalerror404@hotmail.com
ServerName lelandsd.com
DocumentRoot /somewhere/else/lelandsd/
AccessFileName .htaccess
</VirtualHost>
################################################
0
 
TENSORAuthor Commented:
Edited text of question.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
jlevieCommented:
First, you don't need to the "AccessFile" directive in each virtual host section. It's sufficient to declare it once in the global section. Typically one wants to have at the global level a piece like:

AccessFileName .htaccess
<Files ~ "^\.ht">
    Order allow,deny
    Deny from all
</Files>

Which defines the htaccess file name and prevents those files from being seen if the document directory is browseable.

The reason that your virtual hosts aren't requiring user authentication is that you've not told Apache to do so. Each directory to be protected must allow user authentication to be set up with an "AllowOverride Authconfig" directive. Also, there's a couple of other directives one should typically apply to a directory (especially a document root). So one of you virtual hosts should look like:

<VirtualHost 63.194.81.67>
ServerName www.v-solve.com 
DocumentRoot /somewhere/abc/html/
<Directory />
    Options Indexes FollowSymLinks
    AllowOverride AuthConfig
    Order allow,deny
    Allow from all
</Directory>
</VirtualHost>
0
 
TENSORAuthor Commented:
Please post your awnsers as comments as the future, If they work I will acept it as an awnser...
0
 
TENSORAuthor Commented:
I meant to accept that...please write it again and I will accept...
0
 
jlevieCommented:
First, you don't need to the "AccessFile" directive in each virtual host section. It's sufficient to declare it once in the global section. Typically one wants to have at the global level a piece like:

AccessFileName .htaccess
<Files ~ "^\.ht">
   Order allow,deny
   Deny from all
</Files>

Which defines the htaccess file name and prevents those files from being seen if the document directory is browseable.

The reason that your virtual hosts aren't requiring user authentication is that you've not told Apache to do so. Each directory to be protected must allow user authentication to be set up with an "AllowOverride Authconfig" directive. Also, there's a couple of other directives one should typically apply to a directory (especially a document root). So one of you virtual hosts should look like:

<VirtualHost 63.194.81.67>
  ServerName www.v-solve.com 
  DocumentRoot /somewhere/abc/html/
    <Directory />
      Options Indexes FollowSymLinks
      AllowOverride AuthConfig
      Order allow,deny
      Allow from all
  </Directory>
</VirtualHost>
0
 
TENSORAuthor Commented:
thanks!
0

Featured Post

How to Use the Help Bell

Need to boost the visibility of your question for solutions? Use the Experts Exchange Help Bell to confirm priority levels and contact subject-matter experts for question attention.  Check out this how-to article for more information.

  • 5
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now