Koozali.org: home of the SME Server

Legacy Forums => General Discussion (Legacy) => Topic started by: rhiridflaidd on May 04, 2005, 09:22:07 PM

Title: .htpasswd - Tearing my hair out after 48h
Post by: rhiridflaidd on May 04, 2005, 09:22:07 PM

:hammer:  :hammer:  :hammer:

I'm stuck.

I'm trying to put a password on a phpBB2 forum; to add to it's security - using .htpassword and .htaccess.

I'm obviously doing something wrong - because whatever I trythere's no prompt for a password.

I installed the forum using these instructions...

http://no.longer.valid/phpwiki/index.php/How%20to%20set%20up%20phpBB%202.0.0%20on%20SME%20Server%205.0%20or%205.1.2

I the tried modifying httpd.conf by changing the 93phpbb file to read


Alias /phpBB2 /opt/phpBB2

<Directory /opt/phpBB2>
AuthUserFile /opt/phpBB2/.htpasswd
AuthName ByPassword
AuthType Basic
require valid-user
AddType application/x-httpd-php .php .php3 .phtml
Options Indexes +Includes FollowSymLinks
order deny,allow
deny from all
allow from all
satisfy any
</Directory>

-and then I did this..
[root@e-smith httpd.conf]# /sbin/e-smith/expand-template /etc/httpd/conf/httpd.conf
[root@e-smith httpd.conf]# /etc/rc.d/rc7.d/S85httpd-e-smith restart


also .htaccess in /opt/dev reads

AuthUserFile /opt/phpBB2/.htpasswd
AuthName ByPassword
AuthType Basic
<Limit Get>
require valid-user
</Limit>


And i've used htpasswd to create a .htpasswd file in the /opt/phpBB2 directory and I can confirm that the paswords have been saved to that file.

But nothing's cahnged - no password prompt.

Title: .htpasswd - Tearing my hair out after 48h
Post by: boss_hog on May 04, 2005, 11:06:20 PM

Hi rhiridflaidd,
I will point out the obvious, the page you referenced to is for ver. 5.x server software. There have been A lOT of changes since then.

Here is a slightly more recent page for running PhpBB2 in an ibay:
http://forums.contribs.org/index.php?topic=24940.msg100398#msg100398

The info given by Dan Brown may work even though it is dated, not sure myself. But modern SME thinking is most(not all!) of your apps can run from an ibay, which can be passworded.
Hope this helps.
Joe

Title: .htpasswd - Tearing my hair out after 48h
Post by: rhiridflaidd on May 05, 2005, 12:07:38 AM

That sounds more like it.  Explains why I was struggling just a bit!

Thanks a lot.

Title: .htpasswd - Tearing my hair out after 48h
Post by: raem on May 05, 2005, 02:14:40 AM

phpBB is fully controllable with password access any way.
You can create the forums to require login, you can force users to login before posting, forums can be private for selected groups of users and the admin access is by password.

Of course you can simply password control the whole site using the ibay login & password.

If you want more details re htaccess with sme see

http://mirror.contribs.org/smeserver/contribs/rmitchell/smeserver/howto/htaccess%20configuration%20with%20custom%20templates%20HOWTO%20for%20sme%20server.htm

Title: .htpasswd - Tearing my hair out after 48h
Post by: rhiridflaidd on May 05, 2005, 01:04:40 PM

The forums are private in that way - but those wo want the forum are a bit security paranoid and want another layer of security in there.  (Don't ask)

A quick question - if i just copy th phpBB files over to an ibay will that work, or will i need a reinstall of phpBB2

Title: .htpasswd - Tearing my hair out after 48h
Post by: raem on May 05, 2005, 01:35:47 PM

I seem to recall that you can just copy the folder across, but you will need to run the install again to update the config. See the phpBB site for install/update details.

Title: .htpasswd - Tearing my hair out after 48h
Post by: rhiridflaidd on May 06, 2005, 09:14:30 PM

Thanks.  I re-installed it in an e-bay and now it's happy.

The only snag is that passwording the ibay gives the username for the password which is the same as the ibay name - and the ibay name wasn't designed to be remembrable!

So how can i have an username for the password check when somebody from the internet wants to access this ibay with password - as i've specified in the ibay config; without having a daft username??

Cheers

Title: .htpasswd - Tearing my hair out after 48h
Post by: raem on May 07, 2005, 01:09:40 AM

rhiridflaidd

When you password protect an ibay the user name is always the ibayname. Standard users/password combinations do not apply to ibays.
 
You could create a new ibay with a more easily remembered name and move the phpBB there !

Perhaps you could try using htaccess on the ibay without having an ibay paswword set, that way the users/password combination(s) is what you put it the passsword file. Follow my HOWTO.

Title: .htpasswd - Tearing my hair out after 48h
Post by: rhiridflaidd on May 08, 2005, 08:06:58 PM

Thanks again.  I wasn't sure if that would work - but sounds good from here.

Title: .htpasswd - Tearing my hair out after 48h
Post by: rhiridflaidd on May 08, 2005, 09:25:50 PM

Ray - thanks - following your advice it worked perfectly (and I'm quietly chuffed with myself as somebody who has only used linux fleetingly, and never used the command prompt before this week; that my first post was so close to the mark!)

Title: .htpasswd - Tearing my hair out after 48h
Post by: raem on May 09, 2005, 09:38:25 AM

rhiridflaidd

>....I'm quietly chuffed with myself as somebody who has only used linux fleetingly...

That's good feeling, isn't it !!