?
Solved

Authentication configurations

Posted on 2006-05-26
4
Medium Priority
?
182 Views
Last Modified: 2010-08-05
Hello All,

I want to password protect some directories on my apache server. I am running apache 2.0. I have followed the documentation for authenticating by username but when prompted for user name and password it still gets rejected. I even tried a very simple password but it is still rejected. I'm not sure what else to look at. Here is the config for the directory:

<Directory "/var/www/html/stuff">
        AuthType Basic      
        AuthName "Stuff"
        AuthUserfile /var/www/secrets/secret
        Require user secretuser    
</Directory>


Also what are better ways to secure directories? I am not using .htaccess files.


Thanx
GR
0
Comment
Question by:GR999
  • 2
  • 2
4 Comments
 
LVL 10

Expert Comment

by:sleep_furiously
ID: 16771412
Did you use htpasswd to create your user file?

When you look at the contents of the file that AuthUserfile points to, do you see something like the examples below?

secretuser:ZXBb9QHrR2Q0Y
or
secretuser:$apr1$HxA7z...$3fzQlWCQHsRW9ypn/UhkV1

Or are you using a plaintext password file?

secretuser:mypass

What platform are you running on?  If attempting to use plaintext passwords, this can only be done on Windows (not cygwin), Netware, and TPF.

Are there more specific messages in the Apache error log?
0
 

Author Comment

by:GR999
ID: 16772718
Sorry, I am running Fedora Core 4. My passwords are not plaintext. They are like the first one:

secretuser:ZXBb9QHrR2Q0Y

Hmmm ok in error_log I get this, not sure why.

(13)Permission denied: Could not open password file: /var/www/secrets/secret

Who should have permission? Just root or apache also chmod 700, 770, 774?

What is the best way to password protect directories?

0
 
LVL 10

Accepted Solution

by:
sleep_furiously earned 2000 total points
ID: 16773271
The apache user/group in your httpd.conf is the user that needs permission.  What exactly the permissions mode will look like of course depends on who the owner of the file is.

Since you are running Fedora Core 4, you may have to worry about SELinux preventing Apache from reading files as well. (http://fedora.redhat.com/docs/selinux-apache-fc3/sn-simple-setup.html)

There is not one "best" way to password protect directories -- it comes down to what you consider to be "best".  Easiest setup?  Highest security?  Least effort to maintain?  Most convenient for users?

0
 

Author Comment

by:GR999
ID: 16775546
Thank you! Just chgrp to apache and works fine. Thanx.
0

Featured Post

Free Backup Tool for VMware and Hyper-V

Restore full virtual machine or individual guest files from 19 common file systems directly from the backup file. Schedule VM backups with PowerShell scripts. Set desired time, lean back and let the script to notify you via email upon completion.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction As you’re probably aware the HTTP protocol offers basic / weak authentication, which in combination with the relevant configuration on your web server, provides the ability to password protect all or part of your host.  If you were not…
Introduction This article is intended for those who are new to PHP error handling (https://www.experts-exchange.com/articles/11769/And-by-the-way-I-am-New-to-PHP.html).  It addresses one of the most common problems that plague beginning PHP develop…
This Micro Tutorial will teach you how to add a cinematic look to any film or video out there. There are very few simple steps that you will follow to do so. This will be demonstrated using Adobe Premiere Pro CS6.
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses
Course of the Month13 days, 10 hours left to enroll

750 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question