[Tfug] Well now it's an Apache security rodeo...
Jim March
1.jim.march at gmail.com
Fri Jul 3 19:05:22 MST 2009
On Fri, Jul 3, 2009 at 4:57 PM, Matt Jacob<matt at mattjacob.com> wrote:
> If you're running Apache as your web server, it's fairly trivial to
> set up HTTP Basic Authentication:
>
> http://httpd.apache.org/docs/2.2/howto/auth.html
>
> Matt
Ehhhh...it ain't working.
Hmmmm.
OK, here's exactly what I did:
1) I figured out where my web-stuff was sitting: /var/www
2) I put a file there name of .htaccess containing:
---
AuthType Basic
AuthName "Restricted Files"
# (Following line optional)
AuthBasicProvider file
AuthUserFile /usr/local/apache/passwd/passwords
Require user zmuser
---
3) I made sure the directory /usr/local/apache/passwd/passwords
existed with everybody-can-read-it permissions (only root can write).
4) I ran the command:
sudo htpasswd -c /usr/local/apache/passwd/passwords zmuser
...and gave it a password DIFFERENT from the user login password (user
is logging into XUbuntu as zmuser and passwords are NOT default).
And...shouldn't that have done it?
There's directories under /var/www that contain data being served -
should I copy that .htaccess file down into them?
Note that I don't need separate user access levels for multiple
users...there's just the shop owner going to use this.
Thanks!
Jim
More information about the tfug
mailing list