Re: apache config

Subject: Re: apache config
christopher.murtagh@wcg.mcgill.ca
Date: Tue Sep 12 2000 - 23:01:12 MDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Next message: Gawain Reifsnyder: "Installing PHP4 -- Stumped..."
• Previous message: Paul J. Lucas: "Re: PowerBook IrDA HotSync"
• In reply to: andu: "apache config"
• Reply: christopher.murtagh@wcg.mcgill.ca: "Re: apache config"

On Tue, 12 Sep 2000, andu wrote:
>I need to have a /pub directory in /home/httpd which can be accessed
>with authentication. Apache is definitely not my strong point, is anyone
>able to help me? TIA

 Sure, I can help.

 First off, in your httpd.conf file, you might want to use the
AlllowOverride AuthConfig line like below:

<Directory />
    Options Includes FollowSymLinks
    AllowOverride AuthConfig
</Directory>

(more info at: http://www.apache.org/docs/mod/core.html#allowoverride)

 You will also need to specify what your authorization files are called,
in the case below they are either htaccess or .htaccess.

AccessFileName htaccess .htaccess

(more info at: http://www.apache.org/docs/mod/core.html#accessfilename)

The following section below is important as well so that people can't
retrieve your password files and try to brute-force/hack the passwords.

# The following lines prevent .htaccess files from being viewed by
# Web clients. Since .htaccess files often contain authorization
# information, access is disallowed for security reasons. Comment
# these lines out if you want Web visitors to see the contents of
# .htaccess files. If you change the AccessFileName directive above,
# be sure to make the corresponding changes here.
#
# Also, folks tend to use names such as .htpasswd for password
# files, so this will protect those as well.
#
<Files ~ "^(\.ht|htaccess)">
    Order allow,deny
    Deny from all
</Files>

 Once these have been setup, restart apache. Usually this means executing
something like: '/etc/rc.d/init.d/httpd restart' at the shell.

 After that you create your htaccess (or .htaccess) file. Here is an
example one which requires a specific user:

AuthType Basic
AuthName My_Secret_Pub_Folder
AuthGroupFile /dev/null
AuthUserFile /home/httpd/auth/.htpasswd
require user joe_bloe

(more info on all of this at: http://www.apache.org/docs/mod/core.html)

Next, place this file in /home/httpd/pub/ then do the following:

mkdir /home/httpd/auth

htpasswd -b -c /home/httpd/auth/.htpasswd joe_bloe

(the -c will create the file, overwriting it if it already exists, don't
use it for any other users, more on this via 'man htpasswd').

 That should get you going. If you have any questions, just ask. Hope this
was helpful.

Cheers,

Chris

-- 
Christopher Murtagh
Webmaster / Web Communications Group
McGill University
Montreal, Quebec
Canada

• Next message: Gawain Reifsnyder: "Installing PHP4 -- Stumped..."
• Previous message: Paul J. Lucas: "Re: PowerBook IrDA HotSync"
• In reply to: andu: "apache config"
• Reply: christopher.murtagh@wcg.mcgill.ca: "Re: apache config"

This archive was generated by hypermail 2a24 : Tue Sep 12 2000 - 23:04:34 MDT