LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   protected folders (https://www.linuxquestions.org/questions/linux-security-4/protected-folders-230289/)

tommytomato 09-13-2004 08:37 PM
protected folders
 
Hi all

Just a question

If i wanted to protect the home directory so all user have to log in to view there home page

http://www.mydomain.com/~user/

would i have to create a .htaccess file and place it under the home directory or place it under each users account ?

Or do i just follow this sample

Code:
<Directory /home/bill/public_html>
                <Files thesecret.file>
                        AuthName "Bill secret stuff"
                        AuthType Basic
                        AuthUserFile /home/bill/apache.htpasswd
                        Require valid-user
                </Files>
        </Directory>
I've setup protected folders before, so i have no probs doing it again

TT

r0b0 09-14-2004 08:43 AM
Either way would work.

tommytomato 09-14-2004 08:54 AM
Sorry i should have said

I was thinking of having one .htaccess file under home dir

so if any user visiting their public_html ( /~username ) would have to login

Is this going to block other folders with in users accounts
EG
/home/public_html
/home/www
/home/backupfiles.

However i did try this and it still let me in

</DIRECTORY>
<DIRECTORY /home/*/public_html>
AllowOverride AuthConfig
</DIRECTORY>

I hope you can see what i'm trying to do

TT

r0b0 09-16-2004 09:05 AM
Hmm.. if you want all access to all ~user/ directories authenticated with a single file with logins and passwords, try doing this:

Code:
<DIRECTORY /home/*/public_html>
    AuthName "Secret stuff"
    AuthType Basic
    AuthUserFile /home/.htpasswd
    Require valid-user 

    # and to still allow per-user .htaccess:
    AllowOverride AuthConfig
</DIRECTORY>
I hope you get my idea.

R.

tommytomato 09-18-2004 06:59 PM
Hi thanks

Sorry for the late reply

My question is

Is this going to block all access to home/public_html on all users

What i mean is, I plan to give my users awstats pages for their own subdomain.

So it would be

/home/user/public_html is where the awstats pages will be for each user, this is the directory i wish to block with a log in box.

home/user/www is where the users subdomain is, which i still want to be able to view

http://www.mydomain.com/~user/ needs to be blocked

http://subdomain.mydomain.com/ which needs to be able to be view by all net users

I hope this makes sence

TT

tommytomato 09-21-2004 10:58 AM
Hi mate

I've tried what you said and i cant seem to get it right..

TT

tommytomato 09-21-2004 11:23 PM
Any one got any ideas on how to get this going please.

I dont get any errors in my httpd, and the login box pops up ok.but user can not log in

My users have two folders under their account, 1st one is public_html and the other is www

public_html is the one we want to block with a login box, and the www folder must be able to be view from the out side.

my .htaccess file in is the home dir /home
and my password file is
/srv/www/password_folder/passwords

TT :study:


All times are GMT -5. The time now is 06:17 PM.