Apache2Triad Help, Support and Development Forum Index Search Profile Log in to check your private messages Log in Register Memberlist Attachments Statistics Crew/Ranks Archive
 Tutorial: How to add password protection for apache
Google
Post new topic Reply to topic
Author Message
kolatracks
past contributor
past contributor


Joined: 07 Jul 2003
Posts: 313
Location: UK

PostPosted: Fri Jul 11, 2003 6:32 am Reply with quoteBack to top

How to configure apache2triad for password protection? In 4 easy, quick steps

Step 1:
Open c:\apache2\conf\httpd.conf in any text editor and find at the bottom the following code:
Code:
#htdocs config
<Directory "C:/apache2/htdocs">
Options Indexes FollowSymLinks Includes ExecCGI
AllowOverride None
Order allow,deny
Allow from all
</Directory>


And change

Code:
AllowOverride None


to

Code:
AllowOverride AuthConfig


Step 2:
Create a password file by running "command prompt (c:\windows\system32\cmd.exe)" and typing "c:\apache2\bin\htpasswd.exe -c c:\apache2\htdocs\secure\.htpasswd username".
Replace "c:\apache2\htdocs\secure\.htpasswd" with the folder you want secured, and replace "username" with the name you want. After pressing return you will be prompted to enter the password you want twice.

Step 3:
Open the directory you want secured (ex. c:\apache2\htdocs\secure), and make a file called ".htaccess".

Step 4:
In your secured directory should now have 2 files, ".htpasswd" and ".htaccess".
Open ".htaccess" in a text editor and add the following lines, replacing "Secure Files" with a name for this secure folder and "USERNAME" with the username you just added. For multiple users add all the names with spaces in between (ex. USERNAME1 USERNAME2)

Code:
AuthType Basic
AuthName "Secure Files"
AuthUserFile /.htpasswd
Require user USERNAME


Thats all folks!


Last edited by kolatracks on Fri Jul 25, 2003 1:43 am; edited 1 time in total
View user's profileSend private message
Matrix333
 
 


Joined: 09 Jul 2003
Posts: 1

PostPosted: Sat Jul 12, 2003 12:16 am Reply with quoteBack to top

this didnt work for me

anyone get this to work?
View user's profileSend private message
Vlad Alexa Mancini
lead developer
lead developer


Joined: 07 Jul 2003
Posts: 1539

PostPosted: Sat Jul 12, 2003 1:00 am Reply with quoteBack to top

sure it works
i would not allow it to be posted here if it wouldnt
so try harder and focus
View user's profileSend private message
kolatracks
past contributor
past contributor


Joined: 07 Jul 2003
Posts: 313
Location: UK

PostPosted: Sat Jul 12, 2003 1:13 am Reply with quoteBack to top

This tutorial was written while I did a fresh install of apache2triad on a new computer. It definatly works, and I noticed your posts elsewhere and read them. So could you again post your whole httpd.conf after applying my tutorials (final copy) or better yet email it to me. Just to make sure as well email the ".access" file as well. I'll change any neccasary IP's, make a user, directory structure and try get it running on my system.

If I get it running i'll post the solution.

2 questions
1. Do you get a "error 500 Internal server error" when trying to access secure directory?
2. What OS are you using?


Last edited by kolatracks on Mon Jul 19, 2004 4:14 am; edited 1 time in total
View user's profileSend private message
Vlad Alexa Mancini
lead developer
lead developer


Joined: 07 Jul 2003
Posts: 1539

PostPosted: Sat Jul 12, 2003 1:27 am Reply with quoteBack to top

better yet Matrix333 .. i looked at your server .. things look messed up
how about you stop apache and mysql
run apache2triad1.1.3.exe
run 1.1.3updateandfix.exe
run apache2triadsetup.bat

you will have a password protected directory that is c:\apache2\htdocs\apache2triad\
that is guaranteed ... you can take it over from there

(i just uploaded 1.1.3updateandfix.exe that has password protection added)
View user's profileSend private message
resinmonkey
 
 


Joined: 06 Oct 2003
Posts: 1

PostPosted: Mon Oct 06, 2003 6:37 am Reply with quoteBack to top

This walk thru helped me out, and it worked the first time with out having to re-read anything.

my hat is off to whom ever slapped this together for us.


Resin!
View user's profileSend private message
bau-lin
 
 


Joined: 07 Oct 2003
Posts: 2

PostPosted: Mon Oct 13, 2003 5:26 am Reply with quoteBack to top

I'M TRYING TO DO THE STEPS BELOW BUT AM UNABLE TO FIGURE SOME:

Step 2:
Create a password file by running "command prompt (c:\windows\system32\cmd.exe)" and typing "c:\apache2\bin\htpasswd.exe -c c:\apache2\htdocs\secure\.htpasswd username".
Replace "c:\apache2\htdocs\secure\.htpasswd" with the folder you want secured, and replace "username" with the name you want. After pressing return you will be prompted to enter the password you want twice.

I KNOW HOW TO GO TO RUN AND TYPE IN CMD.

BUT WHEN I CAN'T FIGURE OUT THE "(c:\windows\system32\cmd.exe)and typing "c:\apache2\bin\htpasswd.exe -c c:\apache2\htdocs\secure\.htpasswd username". Replace "c:\apache2\htdocs\secure\.htpasswd" with the folder you want secured, and replace "username" with the name you want" PART

Step 3:
Open the directory you want secured (ex. c:\apache2\htdocs\secure), and make a file called ".htaccess".

DO I CREATE THIS DIRECTORY IN CMD TOO? HOW DO I DO SO?

Step 4:
In your secured directory should now have 2 files, ".htpasswd" and ".htaccess".
Open ".htaccess" in a text editor and add the following lines, replacing "Secure Files" with a name for this secure folder and "USERNAME" with the username you just added. For multiple users add all the names with spaces in between (ex. USERNAME1 USERNAME2)

Code:
AuthType Basic
AuthName "Secure Files"
AuthUserFile /.htpasswd
Require user USERNAME

I CREATED THE ABOVE IN NOTEPAD BUT DO I ADD THIS IN CMD TOO?
View user's profileSend private messageSend e-mail
kolatracks
past contributor
past contributor


Joined: 07 Jul 2003
Posts: 313
Location: UK

PostPosted: Mon Oct 13, 2003 4:00 pm Reply with quoteBack to top

I assume your trying this as an attempt to fix your other mistakes as pointed out in the other thread of yours.
In that case the above tutorial only works for adding a new password protected folder and does not apply to changing the old passwords.

Take the advice given in the your other thread and that will solve your problem of changing the default password.
View user's profileSend private message
kolatracks
past contributor
past contributor


Joined: 07 Jul 2003
Posts: 313
Location: UK

PostPosted: Mon Oct 13, 2003 4:30 pm Reply with quoteBack to top

For anyone else,
The above tutorial still applies if you you want to add a new protected directory.
However apache2triad now by default comes with a few secured directories, the passwords for which cannot be changed using the exact same command line used in the tutorial above.

The default password will, in newer versions, be changed by a new password change script, which for now can be downloaded at http://213.152.46.100/apache2triad/password_change.phps.

But for those who wish to learn the proper command line for changing old passwords it is:
Code:

htpasswd.exe c:\apache2\htdocs\.htpasswd root

Obviously the above example would change the default root password.

And if your serious about running apache then you'll need to read the manual, I strongly suggest it.
See http://httpd.apache.org/docs-2.0/programs/htpasswd.html for more info on using htpasswd.exe
View user's profileSend private message
benweb
 
 


Joined: 19 Feb 2004
Posts: 1
Location: uk

PostPosted: Sun Mar 07, 2004 12:37 pm Reply with quoteBack to top

I've read all the stuff you have on here about setting up the secure webpage, it seems to work, I have all the right files but whenever I try to access that folder I can't no matter what I put the username and password as it still won't let me in.
What have I done wrong?
This is the bit you said to change in httpd.conf
#htdocs config
<Directory "C:/apache2/htdocs">

Options Indexes FollowSymLinks Includes ExecCGI
AllowOverride AuthConfig
Order allow,deny
Allow from all
</Directory>

and this is my .htaccess file
AuthType Basic
AuthName "notts"
AuthUserFile /.htpasswd
Require user bob

this is the .htpasswd file that is output from the command line
bob:$apr1$vX5.....$S9H2oeLzK4JlVht2zjJ4v/
the password should be bob
thanks
View user's profileSend private message
kolatracks
past contributor
past contributor


Joined: 07 Jul 2003
Posts: 313
Location: UK

PostPosted: Mon Mar 08, 2004 4:35 am Reply with quoteBack to top

The only thing I can see that might be wrong is the path to AuthUserFile.
Use the full path instead, and if it contains a blank space then quote is like so:
AuthUserFile "c:\apache2\Directory With Witespace\.htpasswd".

Other than that, it should work.
View user's profileSend private message
knightdogs
 
 


Joined: 26 May 2004
Posts: 2

PostPosted: Thu May 27, 2004 5:58 pm Reply with quoteBack to top

Hello all, Just a quick question, i followed the instructions and still can not get it to work(logging in as localhost). below are my 3 files, user dennis, password dennis. thanks in advance for any and all help. I will be putting this online tonight if i do not get it running right so you can hit it to see(after 8pm easter time(www.knightdog.no-ip.com). also it is on a win2k machine( fresh install, fresh install of apache2triad also).

install dir: c:\apache2triad

Please attach long files rather than copy-pasting them
View user's profileSend private messageSend e-mail
kolatracks
past contributor
past contributor


Joined: 07 Jul 2003
Posts: 313
Location: UK

PostPosted: Thu May 27, 2004 8:24 pm Reply with quoteBack to top

What's the error you get, do you not get any?

Either way I'm pretty sure you need to change
Code:
AuthUserFile /.htpasswd

to
Code:
AuthUserFile c:\apache2triad\htdocs\dennis\d2\.htpasswd
View user's profileSend private message
Vlad Alexa Mancini
lead developer
lead developer


Joined: 07 Jul 2003
Posts: 1539

PostPosted: Thu May 27, 2004 8:38 pm Reply with quoteBack to top

he would get a very descriptive
Quote:
The system cannot find the file specified Could not open password file
type error

indeed the full path to the .htpasswd file needs to be provided
View user's profileSend private message
knightdogs
 
 


Joined: 26 May 2004
Posts: 2

PostPosted: Fri May 28, 2004 1:56 am Reply with quoteBack to top

I am sorry, brain is fried, i dont get an error it just keeps challenging me for the user name and password.
View user's profileSend private messageSend e-mail
Display posts from previous:      
Post new topic Reply to topic


 Jump to:   



View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum
Powered by phpBB © 2001, 2002 phpBB Group :: FI Theme
All times are GMT