LinuxQuestions.org
View the Most Wanted LQ Wiki articles.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 09-13-2004, 08:37 PM   #1
tommytomato
Member
 
Registered: Nov 2003
Location: Narrogin Western Australia
Distribution: GUI Ubuntu 12.04 - Server 12.04.4 LTS
Posts: 935

Rep: Reputation: 32
protected folders


Hi all

Just a question

If i wanted to protect the home directory so all user have to log in to view there home page

http://www.mydomain.com/~user/

would i have to create a .htaccess file and place it under the home directory or place it under each users account ?

Or do i just follow this sample

Code:
<Directory /home/bill/public_html>
	        <Files thesecret.file>
		        AuthName "Bill secret stuff"
			AuthType Basic
			AuthUserFile /home/bill/apache.htpasswd
			Require valid-user
		</Files>
	</Directory>
I've setup protected folders before, so i have no probs doing it again

TT
 
Old 09-14-2004, 08:43 AM   #2
r0b0
Member
 
Registered: Aug 2004
Location: Europe
Posts: 600

Rep: Reputation: 49
Either way would work.
 
Old 09-14-2004, 08:54 AM   #3
tommytomato
Member
 
Registered: Nov 2003
Location: Narrogin Western Australia
Distribution: GUI Ubuntu 12.04 - Server 12.04.4 LTS
Posts: 935

Original Poster
Rep: Reputation: 32
Sorry i should have said

I was thinking of having one .htaccess file under home dir

so if any user visiting their public_html ( /~username ) would have to login

Is this going to block other folders with in users accounts
EG
/home/public_html
/home/www
/home/backupfiles.

However i did try this and it still let me in

</DIRECTORY>
<DIRECTORY /home/*/public_html>
AllowOverride AuthConfig
</DIRECTORY>

I hope you can see what i'm trying to do

TT

Last edited by tommytomato; 09-14-2004 at 08:57 AM.
 
Old 09-16-2004, 09:05 AM   #4
r0b0
Member
 
Registered: Aug 2004
Location: Europe
Posts: 600

Rep: Reputation: 49
Hmm.. if you want all access to all ~user/ directories authenticated with a single file with logins and passwords, try doing this:

Code:
<DIRECTORY /home/*/public_html>
    AuthName "Secret stuff"
    AuthType Basic
    AuthUserFile /home/.htpasswd
    Require valid-user  

    # and to still allow per-user .htaccess:
    AllowOverride AuthConfig
</DIRECTORY>
I hope you get my idea.

R.
 
Old 09-18-2004, 06:59 PM   #5
tommytomato
Member
 
Registered: Nov 2003
Location: Narrogin Western Australia
Distribution: GUI Ubuntu 12.04 - Server 12.04.4 LTS
Posts: 935

Original Poster
Rep: Reputation: 32
Hi thanks

Sorry for the late reply

My question is

Is this going to block all access to home/public_html on all users

What i mean is, I plan to give my users awstats pages for their own subdomain.

So it would be

/home/user/public_html is where the awstats pages will be for each user, this is the directory i wish to block with a log in box.

home/user/www is where the users subdomain is, which i still want to be able to view

http://www.mydomain.com/~user/ needs to be blocked

http://subdomain.mydomain.com/ which needs to be able to be view by all net users

I hope this makes sence

TT

Last edited by tommytomato; 09-18-2004 at 07:01 PM.
 
Old 09-21-2004, 10:58 AM   #6
tommytomato
Member
 
Registered: Nov 2003
Location: Narrogin Western Australia
Distribution: GUI Ubuntu 12.04 - Server 12.04.4 LTS
Posts: 935

Original Poster
Rep: Reputation: 32
Hi mate

I've tried what you said and i cant seem to get it right..

TT
 
Old 09-21-2004, 11:23 PM   #7
tommytomato
Member
 
Registered: Nov 2003
Location: Narrogin Western Australia
Distribution: GUI Ubuntu 12.04 - Server 12.04.4 LTS
Posts: 935

Original Poster
Rep: Reputation: 32
Any one got any ideas on how to get this going please.

I dont get any errors in my httpd, and the login box pops up ok.but user can not log in

My users have two folders under their account, 1st one is public_html and the other is www

public_html is the one we want to block with a login box, and the www folder must be able to be view from the out side.

my .htaccess file in is the home dir /home
and my password file is
/srv/www/password_folder/passwords

TT
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
public, private, protected...?(C++) name_in_use450 Programming 6 10-07-2008 11:43 PM
Protected PDF Schopy Linux - Software 3 04-13-2005 06:03 PM
protected directories tommytomato Linux - Security 2 01-11-2004 10:34 PM
Password Protected web folders wolftechmn Linux - General 1 12-14-2003 12:58 AM
ripping a protected cd mexifries Linux - Software 7 08-28-2003 03:14 PM


All times are GMT -5. The time now is 05:41 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration