Welcome to Scribd. Sign in or start your free trial to enjoy unlimited e-books, audiobooks & documents.Find out more
Standard view
Full view
of .
Look up keyword
Like this
0 of .
Results for:
No results containing your search query
P. 1
Restrict webpage is so easy in Linux Apache

Restrict webpage is so easy in Linux Apache

Ratings: (0)|Views: 51|Likes:
Published by S Bera
Restricting web directory is so easy in apache. For detail read here...
Restricting web directory is so easy in apache. For detail read here...

More info:

Published by: S Bera on Mar 07, 2010
Copyright:Attribution Non-commercial


Read on Scribd mobile: iPhone, iPad and Android.
download as ODT, PDF, TXT or read online from Scribd
See more
See less





Restricted Access
“Restrict access to our website , give permission only thru authentication, please do it as soon aspossible “, That's what my Boss told me .Some people are taking data from our website and thenmisusing it to our disadvantage. Our department should be protected . Though I hate it but now I haveto do it . The whole special web portal which was added to our website couple of months back is to berestricted now. The portal has more than three hundred files. Apart from htm , html files there areexcel ,word, pdf, power point and even some text files. The clients of these pages are all across ourcountry through company WAN.All these files were earlier residing in a windows IIS server which my department inherited then. Theserver had the windows file sharing facility. Each group of file was maintained by different groups ofour department. They edit / update their files using windows file sharing. Some worked from far flungprojects . As long as the windows were running life was easy for them. Some groupp even uploadedtheir own fancy html file (Mostly designed on Microsoft Frontpage). It was an wired world .But gradually it was felt that the server was getting slow and sometimes dead slow.The IT department chiped in , they sanitized more than two hundred virus infected files.The server regained it's performance and the life became easy again.But by the turn of next week the viruses came back with more numbers and the portal was almoststalled. The IT department became busy and they cured little more than three hundred virus infections.After two days of intense sanitizing the server was up and running.But again next week the server was down. The IT head told us to remove file sharing all at once as itwas the main reason of repeated virus infection. He was in fact very right.The server was up but themembers were dissatisfied as now they have to go to the server physically to update their pages.Nobody liked this way of updation. Those from projects now send their updation over email tosomeone who in turn replace it in the server.Therefore ,the idea struck to my mind ! How, If I transfer the entire portal to one of my Linux servers?So I dropped the 250 MB portallll into the '/var/www/html/example/wwwroot/' directory of my FedoraCore-4 LAMP (Linux Apache Mysql PHP) server. The server has the capability of running PHP, DOM, JAVA Python and PERL files . Little check from network revealed that the portal was all workingfrom the Linux server without any problem. (see my earlierrr blog on 'wwwroot on linux' ).For accessing / updating from network I just gave the directory an ftp permission and wrote a smallbatch file on the windows computers. By clicking the batch file the ftp window opens for FC-4 server.The users can then drag and drop their updations or cut & paste as well.After running it parallel for a week people gave in and the new linux FC-4PC became the new location of this portal. The project people could use the batch file as well forupdation.
As long as the portal was running I was least bothered about the content of this portal. Most of the fileswere unprofessional htm or html files, opens excel word powerpoint or pdf files. Boss was extremelyhappy as there was no more virus infections.But now the entire directory needs to be protected from unauthorized viewing.Instead of going to protect individual files one by one I decided to protect the directory straightt-cutusing the htaccess faculty of the Apache webserver.By default 'htaccess' in the apache is off. To make it on find the 'AllowOverride None' line in thehttpd.conf file and make it "AllowOverride All" . Now every timee the Apache fetches a page fromany directory it searches for the ground rule in the .htaccess file residing in that directory or thedirectoryhierarchy.. That means if the .htaccess file is there in the parent directory all the subdirectories will follow the same rule. Save the httpd.conf file and restart apache.# /etc/init.d/httpd restartShutting down httpd: [ OK ]Starting httpd: httpd: for Server Name[ OK ][root@localhost example]#Now open an editor (my favorite one is gedit ) and write the following lines and then save it as.htaccess in the directory you want to have restricted access.# geditAuthUserFile /home/bera/website-portal/.htpasswordAuthname "WROS Secure Area / or whatever you want to write here"AuthType Basicrequire valid-usergive a read permission to this file.#chmod 755 /home/bera/website-portal/.htaccess------------- that's all for now -------------------------------Now every timeeee somebody access the said directory, the apache will find the .htaccess file forground rules and then it will go to the /home/bera/website-portal/.htpassword for matching theusername & password. In the .htpassword file you can have as many user & password set as you want.So now the only job left is to create the .htpassword file in /home/bera/website-portal/Go to that directory and open a super terminal.

Activity (3)

You've already reviewed this. Edit your review.
1 hundred reads
nagmut liked this
S Bera liked this

You're Reading a Free Preview

/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->