RE: secure apache in debian - FINISHED

To: <debian-user@lists.debian.org>
Subject: RE: secure apache in debian - FINISHED
From: "Michael Martinell" <mike@dakotasioux.com>
Date: Wed, 22 Jun 2005 09:49:57 -0500
Message-id: <[🔎] 20050622144956.972322DFC0@murphy.debian.org>
In-reply-to: <[🔎] d02dd0e0506220629273e4229@mail.gmail.com>


> -----Original Message-----
> From: Petri Varsa [mailto:petri.varsa@gmail.com]
> Sent: Wednesday, June 22, 2005 8:30 AM
> To: Michael Martinell; debian-user@lists.debian.org
> Subject: Re: secure apache in debian
> 
> I think this should work for you:
> 
>                 <Location />
>                         AuthType Basic
>                         AuthUserFile /etc/apache2/ssl/user_auth
>                         AuthName "Test"
>                         Require valid-user
>                 </Location>
> 
> Put this in under the <VirtualHost> section.  Then use the htpasswd
> program to create the /etc/apache2/ssl/user_auth file.
> 
> -petri
> 
> 
> On 6/22/05, Michael Martinell <mike@dakotasioux.com> wrote:
> >
> >
> > > -----Original Message-----
> > > From: Jon Dowland [mailto:jon-dowland@ncl.ac.uk]
> > > Sent: Wednesday, June 22, 2005 6:24 AM
> > > To: debian-user
> > > Subject: Re: secure apache in debian
> > >
> > > Michael Martinell wrote:
> > >
> > > > What is the best way to secure an entire site in apache? I have 3.1
> r0
> > > and
> > > > have installed the apache package. Basically I want 1 user to be
> able to
> > > > access any directory or folder that exists now or will ever exist in
> the
> > > > future in the /var/www path.
> > >
> > > You'll have to be a bit more specific. When I read 'secure' I think,
> > > 'secure transmission' and you mean setting up HTTPS. However, it
> sounds
> > > like what you're really after is realm-based HTTP authentication.
> > >
> > >
> > > --
> > > To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
> > > with a subject of "unsubscribe". Trouble? Contact
> > > listmaster@lists.debian.org
> >
> > I have an in-house server for administrators, technicians and such to
> get
> > install files and so forth off of.  I do not really want the casual user
> to
> > be able to access this server and install software without approval.
> Since
> > security isn't real high here I thought a single log in would be ok.  I
> > thought there was a way to put some entries into httpd.conf that would
> cause
> > the whole server, no matter what page it served up to prompt for a
> password.
> >
> >
> > --
> > To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
> > with a subject of "unsubscribe". Trouble? Contact
> listmaster@lists.debian.org
> >
> >


This solution was exactly what I needed.  I had tried this before, however I
had not put it in the VirtualHost section.  That did make all of the
difference for me.

Reply to:

References:
- Re: secure apache in debian
  - From: Petri Varsa <petri.varsa@gmail.com>

Prev by Date: Re: Setting up a Java development environment the debian way.
Next by Date: Re: Sarge Upgrade DEBOCLE ! ! !
Previous by thread: Re: secure apache in debian
Next by thread: Broke artsd
Index(es):
- Date
- Thread