Bertrand Janin wrote:
Jordi Espasa Clofent wrote :
I want to restrict the access to my syweb site (web GUI for symon).
# pwd
/var/www/htdocs/syweb
# ls -la
total 228
drwxr-xr-x 3 root daemon 1024 Oct 27 12:44 .
drwxr-xr-x 3 root daemon 512 Oct 27 12:49 ..
-rw-r--r-- 1 root daemon 131 Oct 27 12:44 .htaccess
-rw-r--r-- 1 root daemon 69 Oct 27 11:50 .htpasswd
drwxr-xr-x 2 www daemon 512 Apr 2 2008 cache
-rw-r--r-- 1 root daemon 6287 Apr 14 2008 class_cache.inc
-rw-r--r-- 1 root daemon 10478 Apr 14 2008 class_graph.inc
-rw-r--r-- 1 root daemon 8937 Apr 14 2008 class_layout.inc
-rw-r--r-- 1 root daemon 6193 Apr 14 2008 class_lexer.inc
-rw-r--r-- 1 root daemon 3959 Apr 14 2008 class_rrdtool.inc
-rw-r--r-- 1 root daemon 4394 Apr 14 2008 class_session.inc
-rw-r--r-- 1 root daemon 2014 Apr 14 2008 class_text.inc
-rw-r--r-- 1 root daemon 3591 Apr 14 2008 class_vars.inc
-rw-r--r-- 1 root daemon 2414 Apr 14 2008 configtest.php
-rw-r--r-- 1 root daemon 2542 Apr 14 2008 graph.php
-rw-r--r-- 1 root daemon 19177 Apr 14 2008 graph_defaults.inc
-rw-r--r-- 1 root daemon 4873 Apr 14 2008 index.php
-rw-r--r-- 1 root daemon 5318 Apr 14 2008 setup.inc
-rw-r--r-- 1 root daemon 95 Apr 14 2008 spacer.png
-rw-r--r-- 1 root daemon 976 Apr 14 2008 symon.css
-rw-r--r-- 1 root daemon 1760 Apr 14 2008 symon.png
-rw-r--r-- 1 root daemon 3233 Apr 14 2008 tools.inc
# more .htaccess
AuthUserFile /var/www/htdocs/syweb/.htpasswd
AuthGroupFile /dev/null
AuthName Restricted Access.
AuthType Basic
require valid-user
# more .htpasswd
Apache is running in a chroot by default so the path you give to
AuthUserFile is incorrect, it should be /htdocs/syweb/.htpasswd
Bertrand
You may also consider moving the passwd file out of htdocs. I believe
this is a security hazard. Mine is in /var/www/etc.
Tom
