Hi, I have a web server with sevral users in the group ftp. they have the ability to ftp into their home directories. In apache how to I set .htaccess to allow the Linux user group ftp to be allowed to view a protected web directory?
Thanks.
Hi, I have a web server with sevral users in the group ftp. they have the ability to ftp into their home directories. In apache how to I set .htaccess to allow the Linux user group ftp to be allowed to view a protected web directory?
Thanks.
Bump
Anybody? Is this even possible? I found this but don't understand it.
http://www.washington.edu/webinfo/ht.../weblogin.html
Lanrat,
Here is what you can do with Apache to require a password to enter a directory. Do the following as root.
1. Edit the configuration file for the site, (located in /etc/httpd/conf.d/ or /etc/httpd/conf/httpd.conf) and add/modify the AllowOverride directive for the directory or site that you want passwords for so that it reads:
2. Go the to directory for the site that you want to secure and make/edit the .htaccess file for that directory/site:Code:AllowOverrides AuthConfig
Take note of the location of of the AuthUserFile. It can be anywhere, but you may not want it inside of any folder that apache serves content from.Code:AuthName "LanRat's Secrets" AuthType basic AuthUserFile /var/www/.htpasswd require valid-user
3. Run the following commands. The first one creates the .htpasswd file. The second one should be run for each user that needs access to the site/directory (substitute lanrat for each user's name). The -m specifies to use MD5 passwords.
4. Restart apache and give it a try. You should be prompted with a window asking for username and password.Code:htpasswd -c /var/www/.htpasswd htpasswd -m /var/www/.htpasswd lanrat
Good Luck!
I know how to do that. What I wanted to do was Linux user authentication. So that all users who belonged to a certain group could be able to log in. and any changed to the Linux user would reflect on this.
Thanks.
OK - here you go.
1. Disable SELinux. For some reason, I could not get this to work with the tragetted policy being enforced. Once I turned it off everything worked.
2. Ensure that the mod_auth_shadow and mod_auth_pam modules are installed. I had to add in the line for mod_auth_shadow.3. edit .htaccess to look like this:Code:LoadModule auth_shadow_module modules/mod_auth_shadow.so4. Restart Apache. Apache will complain about it when you restart stating that it is already loaded, but if you don't load it, then this will not work.Code:AuthName "Restricted" AuthType Basic AuthPAM_Enabled on AuthShadow on #require valid-user require group ftpAuthShadow causes a program called validate to execute as suid and check /etc/shadow for authentication. AuthPAM is also needed otherwise you will have PAM errors generated by AuthShadow.Code:Starting httpd: [Thu Jan 10 18:45:57 2008] [warn] module auth_shadow_module is already loaded, skipping [ OK ]
The .htpasswd file is not needed and can be deleted. Use require valid-user to authenticate any valid system user.
Thank you!
It works perfectly.
Thank you, thank you, thank you. You have saved my bacon and sanity.
Why I couldn't find this on google - maybe these keywords will help
Fedora 8
mod_auth_pam
mod_auth_shadow
hello
I use fedora 9 and I want use mod_auth_pam and I install mod_auth_pam but
when i restart apache show fallowing message what should I do ? help me.
Starting httpd: [Mon Sep 01 00:24:34 2008] [warn] module auth_pam_module is already loaded, skipping
hello
excuse me I have another question . I use apache 2.2.9 in fedora 9
and I want use mod_auth_pam but I want when it need username and password it use
/etc/shadow what shoud i do?