RE: secure apache in debian - FINISHED
From: Michael Martinell (mike_at_dakotasioux.com)
Date: 06/22/05
- Previous message: Aurélien Campéas: "Re: Setting up a Java development environment the debian way."
- In reply to: Petri Varsa: "Re: secure apache in debian"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
To: <debian-user@lists.debian.org> Date: Wed, 22 Jun 2005 09:49:57 -0500
> -----Original Message-----
> From: Petri Varsa [mailto:petri.varsa@gmail.com]
> Sent: Wednesday, June 22, 2005 8:30 AM
> To: Michael Martinell; debian-user@lists.debian.org
> Subject: Re: secure apache in debian
>
> I think this should work for you:
>
> <Location />
> AuthType Basic
> AuthUserFile /etc/apache2/ssl/user_auth
> AuthName "Test"
> Require valid-user
> </Location>
>
> Put this in under the <VirtualHost> section. Then use the htpasswd
> program to create the /etc/apache2/ssl/user_auth file.
>
> -petri
>
>
> On 6/22/05, Michael Martinell <mike@dakotasioux.com> wrote:
> >
> >
> > > -----Original Message-----
> > > From: Jon Dowland [mailto:jon-dowland@ncl.ac.uk]
> > > Sent: Wednesday, June 22, 2005 6:24 AM
> > > To: debian-user
> > > Subject: Re: secure apache in debian
> > >
> > > Michael Martinell wrote:
> > >
> > > > What is the best way to secure an entire site in apache? I have 3.1
> r0
> > > and
> > > > have installed the apache package. Basically I want 1 user to be
> able to
> > > > access any directory or folder that exists now or will ever exist in
> the
> > > > future in the /var/www path.
> > >
> > > You'll have to be a bit more specific. When I read 'secure' I think,
> > > 'secure transmission' and you mean setting up HTTPS. However, it
> sounds
> > > like what you're really after is realm-based HTTP authentication.
> > >
> > >
> > > --
> > > To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
> > > with a subject of "unsubscribe". Trouble? Contact
> > > listmaster@lists.debian.org
> >
> > I have an in-house server for administrators, technicians and such to
> get
> > install files and so forth off of. I do not really want the casual user
> to
> > be able to access this server and install software without approval.
> Since
> > security isn't real high here I thought a single log in would be ok. I
> > thought there was a way to put some entries into httpd.conf that would
> cause
> > the whole server, no matter what page it served up to prompt for a
> password.
> >
> >
> > --
> > To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
> > with a subject of "unsubscribe". Trouble? Contact
> listmaster@lists.debian.org
> >
> >
This solution was exactly what I needed. I had tried this before, however I
had not put it in the VirtualHost section. That did make all of the
difference for me.
-- To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
- Previous message: Aurélien Campéas: "Re: Setting up a Java development environment the debian way."
- In reply to: Petri Varsa: "Re: secure apache in debian"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
