I'm running this control panel in Debian server: https://github.com/OpenGamePanel/OGP-Website/wiki
After the installation, I just have to access to Panel using my server IP.
But I want to protect it with user-password before accessing the site (to prevent inspect tools, info, or other tools) as I did with PHPMyAdmin URL:
https://i.stack.imgur.com/LdLKT.png
Added this: AllowOverride All
Here: sudo nano /etc/apache2/conf-available/phpmyadmin.conf
And this: AuthType Basic
AuthName "Restricted Files"
AuthUserFile /etc/phpmyadmin/.htpasswd
Require valid-user
Here: sudo nano /usr/share/phpmyadmin/.htaccess
But not sure how to do the same for this panel to protect the / URL
Thanks.
just create (or edit the existing) .htaccess file in the document root of your control panel with these contents
AuthType Basic
AuthName "Authentication Required"
AuthUserFile "/etc/phpmyadmin/.htpasswd"
Require valid-user
the user/password will be the same as for your phpmyadmin
Related
I have WD MyBookLive 2TB, and did the following:
saved my own .htaccess to /var/www/mysebserver that points to my own .htpasswd located at /etc/apache2/.
Gave 777 permission to .htaccess
All my webpages located on the same folder with .htaccess.
The .htaccess file is:
AuthType Basic
AuthName "Restricted Content"
AuthUserFile /etc/apache2/.htpasswd
Require valid-user
The issue is that the basic authentication is not enabled, I still can access the HTML files without any authentication.
Moreover it seems .htaccess files are ignored even if I set in apache2.conf the followings:
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
404 Internal Server Error is thrown when AllowOverride All
Apache version: 2.2.9
It seems WD MyBookLive is ignoring the .htaccess and .htpasswd files
How do I activate Basic Authentication?
So I just try your config in my .htaccess file and get base login form after that.
I found the article "How To Set Up Password Authentication with Apache on Ubuntu 14.04" (https://www.digitalocean.com/community/tutorials/how-to-set-up-password-authentication-with-apache-on-ubuntu-14-04)
I think it can happens becouse you don't installed apache2-utils.
Please, try next commands:
sudo apt-get install apache2-utils
sudo service apache2 restart
Resolution 1 :
Step 1: Installing the Apache utility Package
We will use a utility called htpasswd, part of the apache2-utils package, to create the file and manage the username and passwords needed to access restricted content.
sudo apt-get update
sudo apt-get install apache2-utils
Step 2: Creating the Password File
Now have access to the htpasswd command. We can use this to create a password file that Apache can use to authenticate users.
sudo htpasswd -c /etc/apache2/.htpasswd user
Suggestion : Leave out the -c argument for any additional users you wish to add:
sudo htpasswd /etc/apache2/.htpasswd another_user
NOTE : If we view the contents of the file, we can see the username and the encrypted password for each record:
cat /etc/apache2/.htpasswd
Step 3 Configuring Apache Password Authentication
Now that we have a file with users and passwords in a format that Apache can read, we need to configure Apache to check this file before serving our protected content. We can do this in one of two ways: either directly in a site’s virtual host file or by placing .htaccess files in the directories that need restriction.
Option 1: Configuring Access Control within the Virtual Host
The first option is to edit the Apache configuration and add the password protection to the virtual host file. This option requires access to the configuration, which isn’t always available, but when you do have access.
Begin by opening up the virtual host file that you wish to add a restriction to.
sudo nano /etc/apache2/sites-enabled/example.conf
Authentication is done on a per-directory basis. To set up authentication, you will need to target the directory you wish to restrict with a block. In our example, we'll restrict the entire document root
Within this directory block, specify that we wish to set up Basic authentication.
- For the AuthName, > choose a realm name that will be displayed to the user when prompting for credentials.
- Use the AuthUserFile directive > to point Apache to the password file we created.
- we will require a valid-user > to access this resource, which means anyone who can verify their identity with a password will be allowed in
Now you need to save and close the file when you are finished.
NOTE: Before restarting the web server, you can check the configuration with the following command:
sudo apache2ctl configtest
If everything checks out and you get Syntax OK, then restart the server to implement your password policy.
Option 2: Configuring Access Control with .htaccess Files
To enable password protection using .htaccess files, open the main Apache configuration file:
sudo nano /etc/apache2/apache2.conf
Find the block for the /var/www directory that holds the document root. Turn on .htaccess processing by changing the AllowOverride directive within that block from "None" to "All":
Save and close the file when you are finished.
Next, we need to add a .htaccess file to the directory we wish to restrict. Also, we'll restrict the entire document root (the entire website) which is based at /var/www/HTML, but you can place this file in any directory where you wish to restrict access
sudo nano /var/www/html/.htaccess
Within this file, specify that we wish to set up Basic authentication.
For the Auth Name > choose a realm name that will be displayed to the user when prompting for credentials.
Use the AuthUserFile directive > to point Apache to the password file we created.
we will require a valid-user > to access this resource, which means anyone who can verify their identity with a password will be allowed in
Step 4 — Confirming Password Authentication
To confirm that your content is protected, try to access your restricted content in a web browser. You should be presented with a username and password prompt that looks like this:
Save and close the file. Restart the web server to password protect all content in or below the directory with the .htaccess file
After some weeks of trying I succeeded with Digest Authentication with is better than Basic Authentication.
I Installed WebDav server on My Mook Live and after that I put PHP files inside webdav shared folder.
I configured PHP files t have only read Permission.
Here it is a tutorial of how to configure WebDav server on MyBookLive
If you plan to use .htaccess file for basic authentication. you will need an AllowOverride directive like the following:
AllowOverride AuthConfig
activate mod_rewrite: sudo a2enmod rewrite
edit /etc/apache2/sites-available/000-default.conf
<VirtualHost *:80>
<Directory /var/www/mywebserver>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Require all granted
</Directory>
. . .
</VirtualHost>
restart service: sudo systemctl restart apache2
create .htaccess file in /var/www/mywebserver/ and add following line in the top , and other lines bottom
RewriteEngine on
So, what's the story
I want to enable NTLM auth in Apache and already installed ntlm library (mod_auth_ntlm), installed necessary VS redistributable and placed following strings to httpd.conf
LoadModule auth_ntlm_module modules/mod_authn_ntlm.so
<Location /test >
AuthType NTLM
NTLMAuth on
NTLMAuthoritative on
NTLMOfferBasic off
<RequireAll>
<RequireAny>
Require valid-user
</RequireAny>
</RequireAll>
</Location>
Starting phpinfo - and there is no variables like REMOTE_USER, but ntlm library is successfully loaded
Any folder on web-server is accessible except /test folder - it just returns error 500
Apache error.log has following strings:
[Wed Feb 24 14:54:46.231132 2016] [authn_core:error] [pid 668:tid 1776] [client 10.16.66.19:53872] AH01796: AuthType NTLM configured without corresponding module
So, what's the catch? Any other possibilities?
Solution found!
Still, it's not NTLM library, but SSPI (mod-authn-sspi)
Download correct version of SSPI library (in case of Apache 2.4 it should be mod_authnz_sspi)
Unzip and put .so file into Apache /modules directory
Edit httpd.conf
LoadModule authnz_sspi_module modules/mod_authnz_sspi.so
<Directory "/test">
AllowOverride None
Options None
Order allow,deny
Allow from all
AuthType SSPI
SSPIAuth On
SSPIAuthoritative On
SSPIDomain KL
Require valid-user
</Directory>
Create directory /test in your www folder (/test is just exemplary folder) and place following .htaccess file
AuthName "authoriz"
AuthType SSPI
SSPIAuth On
SSPIAuthoritative On
require valid-user
Of course, you can change AuthName
Try following php code in the /test directory
<?php
$cred = explode('\\',$_SERVER['REMOTE_USER']);
if (count($cred) == 1) array_unshift($cred, "(no domain info - perhaps SSPIOmitDomain is On)");
list($domain, $user) = $cred;
echo "You appear to be user <B>$user</B><BR/>";
echo "logged into the Windows NT domain <B>$domain</B>";
?>
Should work!
This is driving me crazy. I have a Apache2 server with WebDAV enabled on my Debian Wheezy server. I can access it and read from it and it appears to be running correctly.
From my Windows 7 laptop I am running a software called NetDrive2 that mounts a network drive to my WebDAV folder so that I can access it with a drive letter.
Whenever I try to copy files from the Windows 7 laptop to my WebDAV drive, I sometimes get the error message:
Error 0x80070522: A required privilege is not held by the client."
The WebDAV folder has Basic AuthType and I have ofc provided correct user/pass. It is not SSL.
I have done some debugging myself and I am not sure, but it appears that I cannot create a folder that has the same name as a file in the same directory:
Folder:
- file.php
- file/ (cannot create this dir because file.php exists).
Anyone have any ideas? I am stuck!
OK so Googling further I finally found what was causing the problem. I cannot believe this is not mentioned in any tutorials out there.
This guy gave me the answer:
Apache Webdav, unable to create "test" folder when file test.txt exists
Basically, you have to add AllowOverride none, and Options None to your webdav directory.
This is my final configuration for my webdav host in Apache2:
Alias /devshed /home/www/sites/dev
Alias /devsheddav /home/www/sites/dev
<Directory /home/www/sites/dev/>
AllowOverride none
Order allow,deny
Allow from all
Options +Indexes +MultiViews
IndexOptions FancyIndexing
</Directory>
<Location /devshed>
DAV Off
Order allow,deny
Allow from all
AuthName "Pennybridge Devshed Web"
AuthType Basic
AuthUserFile /home/www/htaccess/sites/dev/dev.htpasswd
Require valid-user
</Location>
<Location /devsheddav>
DAV On
Options None
Order allow,deny
Allow from all
AuthName "Pennybridge Devshed WebDAV"
AuthType Basic
AuthUserFile /home/www/htaccess/sites/dev/dev.htpasswd
Require valid-user
php_flag engine off
BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully
DirectoryIndex disabled
</Location>
I got an error "AuthUserFile not specified in the configuration" in my error log file. how to fix it.
Here is my .htaccess file, its located in amazon file server.
## mod auth_mysql
AuthBasicAuthoritative Off
AuthMYSQL on
AuthMySQL_Authoritative on
AuthMySQL_DB dbname
Auth_MySQL_Host localhost
Auth_MySQL_User username
Auth_MySQL_Password password
AuthMySQL_Password_Table tbl_name
AuthMySQL_Username_Field user_name
AuthMySQL_Password_Field password
AuthMySQL_Empty_Passwords off
AuthMySQL_Encryption_Types SHA1Sum
# Standard auth stuff
AuthType Basic
AuthName "restricted zone"
Require valid-user
you shall simply put a
AuthUserFile /dev/null
in your .htaccess. That did the trick for me.
for the rest of the pain that brings the configuration of auth_mysql, you have my full comprehension :)
That error isn't refering to your .htaccess but rather the main httpd.conf Apache configuration file. Add that line to your httpd.conf and then restart your httpd service.
I am currently testing CruiseControl + phpUnderControl for our PHP CI process and am stuck with a fairly simple question: is it possible to somehow restrict access to the web interface?
I cannot seem to find anything indicating this is possible, but I am probably overlooking something.
Why wouldn't Apache's mod_auth work?
Why don't you use mod_proxy ot redirect cruisecontrol's web interface through apache? then use apache auth. At phpexperts.pro, i have cruisecontrol listening on localhost:8080 and then i use mod_proxy like:
<VirtualHost *:80>
ServerName phpexperts.pro
<Location "/cruisecontrol/">
# Controls who can get stuff from this server.
Satisfy any
Order allow,deny
Allow from 127.0.0.1
AuthType Basic
AuthName "private"
AuthUserFile /var/www/phpexperts.pro/.htpasswd
AuthGroupFile /dev/null
Require valid-user
# Pass in CruiseControl's web interface.
ProxyPass http://localhost:8080/
ProxyPassReverse http://localhost:8080/
</Location>
</VirtualHost>