password protection directory

You are here: Index > Webuzo > General Support > Topic : password protection directory

Threaded Mode | Print

password protection directory (15 Replies, Read 31855 times)

view	# December 28, 2013, 5:16 pm
Group: Member Post Group: Working Newbie Posts: 76 Status:	Hello I need to set password protection for one addon domein on webuzo and because do not have some instant solution i put manual settings with .htaccess and .htpasswd I put .htaccess in /home/user/addondomainname.com/.htaccess Code AuthType Basic AuthName "restricted area" AuthUserFile /home/user/.htpasswd require valid-user and .htpasswd put in /home/user/.htpasswd with Code username:password Password is converted with MD5.And this does not work.Can you help me?
IP: --

password protection directory

optsoft	# December 28, 2013, 9:23 pm \| Post: 1
Group: Member Post Group: Newbie Posts: 38 Status:	https://www.google.co.in/search?q=htpasswd+password+encryption A few: http://www.htaccesstools.com/htpasswd-generator/ http://www.web2generators.com/apache/htpasswd_generator http://tools.dynamicdrive.com/password/ http://sherylcanter.com/encrypt.php However, note that it is not a good idea to tell a third-party website what your username and password are. Option 2: Install PHP File Navigator from Webuzo / Softaculous scripts: Then see here: http://pfn.sourceforge.net/index.php?opc=3&v=2&lg=ing Look for "Web Access Control". Try these options and make sure to tell us if they work or not !
IP: --

password protection directory

view	# December 29, 2013, 12:08 am \| Post: 2
Group: Member Post Group: Working Newbie Posts: 76 Status:	@optsoft Thank you for your answare. First option does not help because i tryed that and it`s not needed pasword generators,and i tryed few methodes. Option 2 is ok,but that is last option if i do not found solution for .htaccess+.htpasswd
IP: --

password protection directory

valley	# December 31, 2013, 4:42 am \| Post: 3
Group: Webuzo Team Post Group: Super Member Posts: 1644 Status:	Hi, Though the auth module is enabled in Apache by default in case of Webuzo, you can confirm if any other modules are required for this to work. You can follow this guide to setup password protected directories: http://www.thesitewizard.com/apache/password-protect-directory.shtml Hope it helps \m/ ----------------------- Webuzo : Single User Control Panel Join Webuzo : Facebook Twitter
IP: --

password protection directory

optsoft	# January 12, 2014, 6:40 am \| Post: 4
Group: Member Post Group: Newbie Posts: 38 Status:	Hi, I have to password protect my cgi-bin directory, as it is not empty any more. So I followed the instructions here: http://www.thesitewizard.com/apache/password-protect-directory.shtml The problem is I get the error- which I found at the default webuzo error log location Code /usr/local/apps/apache/logs/domain.com.err . The error text is: Code /home/user/public_html/cgi-bin/.htaccess: Invalid command 'AuthUserFile', perhaps misspelled or defined by a module not included in the server configuration I looked up google on the cause of the error and found this: http://www.shkodenko.com/apache-htaccess-invalid-command-authuserfile-perhaps-misspelled-or-defined-by-a-module-not-included-in-the-server-configuration/ That is, maybe authn_file_module is not loaded. And sure enough in Code /usr/local/apps/apache/etc/httpd.conf I found: Code #LoadModule authn_file_module modules/mod_authn_file.so So I uncommented it and tried the instructions on that page: Quote check web server Apache configuration: Code # /sbin/service httpd configtest and reload web server using command: Code # /sbin/service httpd graceful I get the syntax OK message on the first command, but I get the following error for the second: Code httpd not running, trying to start (98) Address already in use: make_sock: could not bind to address 0.0.0.0:80 no listening sockets available, shutting down Unable to open logs So I tried Code # /sbin/service httpd restart and got this: Code Stopping httpd: FAILED Starting httpd: (98)Address already in use: make_sock: could not bind to address 0.0.0.0:80 no listening sockets available, shutting down Unable to open logs FAILED This probably means that using the service command to restart apache is not a good idea as the default locations for apache are not being used - i.e. apache uses /usr/local/apps/apache/etc/httpd.conf rather than /etc/httpd.conf. Am I right? So how do I restart Apache from web interface of Webuzo and the command line?
IP: --

password protection directory

optsoft	# January 12, 2014, 6:59 am \| Post: 5
Group: Member Post Group: Newbie Posts: 38 Status:	Ok, so I found the web interface to restart apache and tried but it gives an error: Quote There was an error while restarting the service Everything else works - http, https, but still same error: Code /home/user/public_html/cgi-bin/.htaccess: Invalid command 'AuthUserFile', perhaps misspelled or defined by a module not included in the server configuration The .htaccess and .htpasswd files are proper - as expected. So how do I enable password protection? Is some other module than "mod_authn_file.so / authn_file_module" to be used? Or does it need some more configuration in httpd.conf or .htaccess ? ~/public_html/cgi-bin/.htaccess contents: Code AuthName "Secure Area" AuthType Basic AuthUserFile /home/user/public_html/cgi-bin/.htpasswd Require valid-user ~/public_html/cgi-bin/.htpasswd contents: Code (username):(password)
IP: --

password protection directory

optsoft	# January 12, 2014, 7:04 am \| Post: 6
Group: Member Post Group: Newbie Posts: 38 Status:	Also, both .htpasswd and .htaccess have 664 permissions (i.e. read for all)
IP: --

password protection directory

Themis-T	# January 12, 2014, 12:01 pm \| Post: 7
Group: Member Post Group: Newbie Posts: 28 Status:	Take a look at Apache configuration and see if you have something like this: LoadModule auth_basic_module modules/mod_auth_basic.so #LoadModule auth_digest_module modules/mod_auth_digest.so LoadModule authn_file_module modules/mod_authn_file.so #LoadModule authn_alias_module modules/mod_authn_alias.so #LoadModule authn_anon_module modules/mod_authn_anon.so #LoadModule authn_dbm_module modules/mod_authn_dbm.so LoadModule authn_default_module modules/mod_authn_default.so LoadModule authz_host_module modules/mod_authz_host.so LoadModule authz_user_module modules/mod_authz_user.so LoadModule authz_owner_module modules/mod_authz_owner.so LoadModule authz_groupfile_module modules/mod_authz_groupfile.so LoadModule authz_dbm_module modules/mod_authz_dbm.so LoadModule authz_default_module modules/mod_authz_default.so ----------------------- NEW: Cloud Hosting on Cloud VPS: 10 €/mo - FAST SSD drives - FREE Webuzo control panel - Multiple locations: NY / NL
IP: --

password protection directory

valley	# January 13, 2014, 7:16 am \| Post: 8
Group: Webuzo Team Post Group: Super Member Posts: 1644 Status:	Hi, Kill the Apache service completely and restart it. Hope it helps \m/ ----------------------- Webuzo : Single User Control Panel Join Webuzo : Facebook Twitter
IP: --

password protection directory

optsoft	# January 14, 2014, 10:09 am \| Post: 9
Group: Member Post Group: Newbie Posts: 38 Status:	Quote From : valley January 13, 2014, 7:16 am Kill the Apache service completely and restart it. I used pidof httpd and killall -s KILL -e httpd to kill all httpd processes. Now it wont restart from the Webuzo Services web UI and I get the default Apache CentOS page This means that the httpd running is the /usr/sbin/httpd that comes with CentOS. So, what is the command or script to run the Apache in /usr/local/apps/apache/bin/httpd with the proper parameters? Thanks in advance. /opsoft
IP: --

password protection directory

divij	# January 15, 2014, 5:49 am \| Post: 10
Group: Member Post Group: Elite Member Posts: 290 Status:	Hi, Sir you have to remove the default apache that comes with CentOS. Then reinstall the apache from apps categories.
IP: --

password protection directory

optsoft	# January 15, 2014, 9:23 am \| Post: 11
Group: Member Post Group: Newbie Posts: 38 Status:	Quote Sir you have to remove the default apache that comes with CentOS. Then re-install the apache from apps categories. Ok. 2 questions: 1. Which other apps are to be removed from CentOS standard install - this issue can repeat with things other than httpd. I had assumed that the Webuzo install script would have done the necessary removals - maybe I did something wrong? As far as I know, I followed the instructions in the install Howto properly, but could be I missed a step. 2. Now if I uninstall the CentOS Apache, do i really need to remove and re-install Webuzo Apache - i.e. what I worry is that if while uninstalling Webuzo Apache so as to re-install it, will I lose my settings / data ? I.e. do I need to backup conf files and public_html ? Or will the remove + reinstall not touch the data ? Thanks in advance. /optsoft
IP: --

password protection directory

valley	# January 15, 2014, 1:49 pm \| Post: 12
Group: Webuzo Team Post Group: Super Member Posts: 1644 Status:	Quote 1. Which other apps are to be removed from CentOS standard install - this issue can repeat with things other than httpd. Sir Webuzo requires to be installed on a minimal CentOS machine with no third-party applications installed. Current version of CentOS i.e 6.5 is shipped with applications like Apache, Postfix, etc which conflict with the Webuzo Binaries. Quote what I worry is that if while uninstalling Webuzo Apache so as to re-install it, will I lose my settings / data ? It is recommended that you backup your Apache configuration changes if any and re-install Webuzo. Re-installing will only clean-up the config, keeping the public_html directory unaffected. ----------------------- Webuzo : Single User Control Panel Join Webuzo : Facebook Twitter
IP: --

password protection directory

optsoft	# January 22, 2014, 8:10 am \| Post: 13
Group: Member Post Group: Newbie Posts: 38 Status:	1. ------------------------- I removed the default Apache in CentOS with yum erase and removed and installed the Apache App from Webuzo's System Apps section. Worked smoothly, did not remove any configuration files, although I did backup to be on the safe side. 2. -------------------------- Password protection of directories still eludes solution. The HTTP Basic authentication popup appears with the right title and accepts a username and password and just keeps asking endlessly. At the back-end, the server error log says: Code access to /folder failed, reason: require directives present and no Authoritative handler. Googling around tells me that I need to use either a Linux user, or use "Require valid-user" which is what I have done and defined a users in the .htpasswd file in use ~/public_html/cgi-bin/.htaccess contents: Code AuthName "Secure Area" AuthType Basic AuthUserFile /home/user/public_html/folder/.htpasswd Require valid-user ~/public_html/folder/.htpasswd contents: Code (username):(password) Would this have anything to do with adding override directives in httpd.conf vhost file - Code /usr/local/apps/apache/etc/conf.d/webuzoVH.conf This is supposed to not be edited by hand, so where do we make edits, if needed? So, any clues? Thanks in advance. /optsoft
IP: --

password protection directory

peopleinside	# January 22, 2014, 9:17 pm \| Post: 14
Group: Member Post Group: Super Member Posts: 1394 Status: Open source, web and security passionate	Conclusion: Simple operation like directory password protection very hard with Webuzo ^_^ ----------------------- PeopleInside Web, security, open source passionate.
IP: --

« Previous Next »

Threaded Mode | Print

Jump To :

Users viewing this topic
	1 guests, 0 users.

All times are GMT. The time now is April 24, 2024, 4:59 am.

Powered By AEF 1.0.8 © 2007-2008 Electron Inc.

Queries: 11 | Page Created In:0.044