RSS
 

Posts Tagged ‘htpasswd’

User Authentication for SysInfo

21 Aug

Since SysInfo, the CGI app we created in the last blog post displays server information on a webpage, it only makes sense to add some basic authentication to protect access to it. This will make it ask for a username and password, before users get access to the App.

This is done by adding the following Directory block to the Apache configuration file.

<directory /usr/lib/cgi-bin/sysinfo/ >
AuthName "Sys-info Login"
Authtype Basic
AuthUserFile /usr/lib/cgi-bin/sysinfo/htpasswd
require valid-user
</directory>

/usr/lib/cgi-bin/sysinfo/ is the location of the Sysinfo App, its the folder we want to protect, putting it in the above Directory block tells Apache to require authentication for access to it.

AuthName is the message displayed by the browser when the server requests authentication.

Authtype Basic means we are using basic Authentication, the password is transmitted without encryption.

AuthUserFile /usr/lib/cgi-bin/sysinfo/htpasswd refers to the file that will store the username and passwords i.e the password file.

require valid-user Tells apache to all only allow access to users found in the password file.

Now we are done with the Apache Configuration file, next step is to create the password file and add a user. This is done with the htpasswd program that comes with Apache.

type:
cd /usr/lib/cgi-bin/sysinfo/
htpasswd -c htpasswd admin

This will create a new password file called htpasswd and a new user called admin. It will prompt you to enter a password for this user. The password file is /usr/lib/cgi-bin/sysinfo/htpasswd. The passwords stored in the file will always be in encrypted form. With the -c option htpasswd will create a new password file.

To add more users;
htpasswd htpasswd another-user
Just omit the -c option since the password file already exists.

Final step, lets make the web user www-data the only one that can read or write the password file.
sudo chown www-data htpasswd
sudo chmod 600 htpasswd

Now restart Apache and try the App, it will require authentication.

 
No Comments

Posted in Linux

 
 
Premium Wordpress Plugin