Re: Can HTTP be used to upload

Subject: Re: Can HTTP be used to upload
From: andu (undo@cloud9.net)
Date: Mon Oct 16 2000 - 09:00:19 MDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Next message: goo: "Re: libXm.so.6 cant open shared obj file"
• Previous message: Jag: "Re: Can HTTP be used to upload files like FTP?"
• Next in thread: Vanja Bucic: "YUP error"

>
>I recently discovered the hard way that clients connecting via passive FTP
>can't get through NAT firewalls (Linksys DSL/Cable router). So, I need an
>simple, easy alternative for non-computer-literate people to upload files.
>=A0
>My plan is to have a web page present a user login screen. Once logged in
>they'd be taken to their ~ directory and could upload/download/delete files=
>..
>=A0
>Can this be done with HTTP? If so, I'd appreciate some guidance on
>accomplishing it.

Absolutely. If the server is Apache make sure put module is built in. You will need to have a file ".htaccess" in the directory users have access to. Bellow I insert an answer I got from the list on how to do it. You will need a web page to call a cgi script on the server to upload/delete files.

##########################

> First off, in your httpd.conf file, you might want to use the
>AlllowOverride AuthConfig line like below:
>
><Directory />
> Options Includes FollowSymLinks
> AllowOverride AuthConfig
></Directory>
>
>(more info at: http://www.apache.org/docs/mod/core.html#allowoverride)
>
> You will also need to specify what your authorization files are called,
>in the case below they are either htaccess or .htaccess.
>
>AccessFileName htaccess .htaccess
>
>(more info at: http://www.apache.org/docs/mod/core.html#accessfilename)
>
>
>The following section below is important as well so that people can't
>retrieve your password files and try to brute-force/hack the passwords.
>
># The following lines prevent .htaccess files from being viewed by
># Web clients. Since .htaccess files often contain authorization
># information, access is disallowed for security reasons. Comment
># these lines out if you want Web visitors to see the contents of
># .htaccess files. If you change the AccessFileName directive above,
># be sure to make the corresponding changes here.
>#
># Also, folks tend to use names such as .htpasswd for password
># files, so this will protect those as well.
>#
><Files ~ "^(\.ht|htaccess)">
> Order allow,deny
> Deny from all
></Files>
>
> Once these have been setup, restart apache. Usually this means executing
>something like: '/etc/rc.d/init.d/httpd restart' at the shell.
>
> After that you create your htaccess (or .htaccess) file. Here is an
>example one which requires a specific user:
>
>AuthType Basic
>AuthName My_Secret_Pub_Folder
>AuthGroupFile /dev/null
>AuthUserFile /home/httpd/auth/.htpasswd
>require user joe_bloe
>
>(more info on all of this at: http://www.apache.org/docs/mod/core.html)
>
>
>Next, place this file in /home/httpd/pub/ then do the following:
>
>mkdir /home/httpd/auth
>
>htpasswd -b -c /home/httpd/auth/.htpasswd joe_bloe
>
>(the -c will create the file, overwriting it if it already exists, don't
>use it for any other users, more on this via 'man htpasswd').
>
> That should get you going. If you have any questions, just ask. Hope this
>was helpful.
>
>Cheers,
>
>Chris

####################################

>=A0
>
>--=20
>Randy Perry
>rgp systems
>
>Mac Consulting/Sales
>
>.

Regards, Andu
_______________________
undo@cloud9.net

• Next message: goo: "Re: libXm.so.6 cant open shared obj file"
• Previous message: Jag: "Re: Can HTTP be used to upload files like FTP?"
• Next in thread: Vanja Bucic: "YUP error"

This archive was generated by hypermail 2a24 : Mon Oct 16 2000 - 09:06:51 MDT