Koozali.org: home of the SME Server
Legacy Forums => Experienced User Forum => Topic started by: WEBlance on January 28, 2005, 12:43:09 PM
-
Hi,
I'm trying to secure a directory with .htaccess but it doesn't work. I've read a thread on another forum that SME doesn't support .htaccess usage but can if I install a certain RPM?
Please help!
/Carl
-
You can enable htaccess with this contrib:
http://mirror.contribs.org/smeserver/contribs/nightspirit/e-smith-htaccess/
It works fine for my website on SME 6.0.1.
Regards
Knut
-
Yes this worked!
Thank You
-
Hi,
I'm trying to secure a directory with .htaccess but it doesn't work. I've read a thread on another forum that SME doesn't support .htaccess usage but can if I install a certain RPM?
You don't need .htaccess support. Just create a new httpd.conf custom template fragment.
-
"You don't need .htaccess support. Just create a new httpd.conf custom template fragment."
Sounds easy, can you explain which fragment you create and what do you change?
Using 6.01.
Thanks
M
-
Well the contrib worked fine so using that or modifying the httpd.conf is the same for me :pint:
-
Well the contrib worked fine so using that or modifying the httpd.conf is the same for me :pint:
Using .htaccess is definitely less secure. httpd.conf templates are definitely under admin's control. .htaccess files are not, and could have insecure permissions.
-
Sounds easy, can you explain which fragment you create and what do you change?
Create a fragment with a name of your choice in /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf. It should contain
<Directory /path/you/want/to/configure>
stuff
</Directory>
where "stuff" is pretty much what you wanted to put into your .htaccess file.
Then:
/sbin/e-smith/expand-template /etc/httpd/conf/httpd.conf
/etc/e-smith/events/actions/restart-httpd-graceful
-
Dear Charlie
Than you for that tip, I was wanting to implement that and you steered me in the right direction.
> where "stuff" is pretty much what you wanted to
> put into your .htaccess file.
So after reading a bit about .htaccess here, I found out what the "stuff" is.
http://www.its.queensu.ca/network/policy/htaccess.shtml
I created a fragment like this
<Directory /home/e-smith/files/ibays/testsite2/html/w1/admin>
AuthuserFile /etc/testsite2w1admin-htpasswd
AuthGroupFile /dev/null
AuthName "Security Group"
AuthType Basic
<Limit GET>
order deny,allow
require valid-user
</Limit>
</Directory>
which uses the password file specified and works OK.
Is it possible to use existing password files that the sme server uses and authenticate against those, instead of making different password files and adding users. Is it also possible to authenticate against group membership much in the same way that sme does it for local access ?
Thanks & Regards
-
Is it possible to use existing password files that the sme server uses and authenticate against those, instead of making different password files and adding users.
Yes, see how authentication is done for access to server-manager.
Is it also possible to authenticate against group membership much in the same way that sme does it for local access ?
Probably. One way to do it is just to expand the group to a list of usernames inside a template fragment. But there's almost certainly a way to consult /etc/group at runtime - see apache module documentation.