Search Results

Search found 162 results on 7 pages for 'htpasswd'.

Page 3/7 | < Previous Page | 1 2 3 4 5 6 7  | Next Page >

  • NginxHttpAuthBasicModule with Sinatra & Passenger

    - by scainey
    Hi, I'm serving static pages from a Sinatra application using Nginx. I've implemented Basic Authentication for one page on the site using NginxHttpAuthBasicModule, the authentication succeeds but Nginx doesn't resolve the link. Error log gives - 2010/03/22 12:15:19 [error] 7143#0: *2902 open() "/home/me/live/mysite_home/public /mypage" failed (2: No such file or directory), client: 82.71.18.122, server: mysite.com, request: "GET /mypage HTTP/1.1", host: "mysite.com" The actual file is found at: /home/me/live/mysite_home/live/mypage.erb The configuration file is: server { listen 80; server_name mysite.com; root /home/me/live/mysite_home/public; passenger_enabled on; location /mypage { auth_basic "Restricted"; auth_basic_user_file htpasswd; } } server { listen 443; server_name mysite.com; root /home/me/live/mysite_home/public; passenger_enabled on; ssl on; ssl_certificate /etc/nginx/conf/certs/server.crt; ssl_certificate_key /etc/nginx/conf/certs/server.key; keepalive_timeout 70; location /mypage { auth_basic "Restricted"; auth_basic_user_file htpasswd; } } Not sure if this is a Sinatra, Passenger or Nginx thing, or if I'm just missing something.

    Read the article

  • NginxHttpAuthBasicModule with Sinatra & Passenger

    - by scainey
    I'm serving static pages from a Sinatra application using Nginx. I've implemented Basic Authentication for one page on the site using NginxHttpAuthBasicModule, the authentication succeeds but Nginx doesn't resolve the link. Error log gives - 2010/03/22 12:15:19 [error] 7143#0: *2902 open() "/home/me/live/mysite_home/public /mypage" failed (2: No such file or directory), client: 82.71.18.122, server: mysite.com, request: "GET /mypage HTTP/1.1", host: "mysite.com" The actual file is found at: /home/me/live/mysite_home/live/mypage.erb The configuration file is: server { listen 80; server_name mysite.com; root /home/me/live/mysite_home/public; passenger_enabled on; location /mypage { auth_basic "Restricted"; auth_basic_user_file htpasswd; } } server { listen 443; server_name mysite.com; root /home/me/live/mysite_home/public; passenger_enabled on; ssl on; ssl_certificate /etc/nginx/conf/certs/server.crt; ssl_certificate_key /etc/nginx/conf/certs/server.key; keepalive_timeout 70; location /mypage { auth_basic "Restricted"; auth_basic_user_file htpasswd; } } Not sure if this is a Sinatra, Passenger or Nginx thing, or if I'm just missing something.

    Read the article

  • apache: cgi links lead to a "you have chosen to open foo.cgi", although scriptalias is set

    - by Xiong Chiamiov
    Following this guide on CentOS 5.2, just getting nagios set up for the first time. The main page shows up just fine, but when I try to view any of the pages that should be generated by a cgi process, firefox prompts me to save the .cgi instead, so apache's obviously not understanding that it needs to run the cgi and get back some html from it. The odd thing is, though, that, as far as I can tell, apache should be running these files as cgi. nagios.conf: # SAMPLE CONFIG SNIPPETS FOR APACHE WEB SERVER # Last Modified: 11-26-2005 # # This file contains examples of entries that need # to be incorporated into your Apache web server # configuration file. Customize the paths, etc. as # needed to fit your system. ScriptAlias /nagios/cgi-bin/ "/usr/lib/nagios/cgi/" # SSLRequireSSL Options +ExecCGI AddHandler cgi-script .cgi AllowOverride None Order allow,deny Allow from all # Order deny,allow # Deny from all # Allow from 127.0.0.1 AuthName "Nagios Access" AuthType Basic AuthUserFile /etc/nagios/htpasswd.users Require valid-user Alias /nagios "/usr/share/nagios/" # SSLRequireSSL DirectoryIndex index.php Options None AllowOverride None Order allow,deny Allow from all # Order deny,allow # Deny from all # Allow from 127.0.0.1 AuthName "Nagios Access" AuthType Basic AuthUserFile /etc/nagios/htpasswd.users Require valid-use Either the ScriptAlias directive or ExecCGI option should be triggering this, but neither of them seems to have any effect. This config file is being parsed by apache, because if I move it out of conf.d, /nagios gives a 404. The .cgi files are indeed in the /nagios/cgi-bin/ directory, so I didn't specify the incorrect directory. Searching seemed to only provide people who had difficulty with permissions, which is not the issue here. This seems to me to be a pretty basic thing, but even with the excellent apache documentation, I'm at a bit of a loss (been using cherokee too much lately :) ).

    Read the article

  • cannot get FilesMatch and mod_rewrite working together

    - by neil
    Hello, I'm having a little difficulty with my .htaccess when combining a password protection on a file and a mod_rewrite: If I only have this as my .htaccess <FilesMatch "manage.php"> AuthName "Member Only" AuthType Basic AuthUserFile /home/myuser/.htpasswd require valid-user </FilesMatch> It password protects manage.php fine. If I have this as my .htaccess RewriteEngine on RewriteCond $1 !^(index\.php|manage\.php|robots\.txt) RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^(.*)$ index.php/$1 [L,QSA] It works as expected: robots.txt, index.php and manage.php are left alone and are called as normal, everything else is redirected to index.php/$1 HOWEVER, If I combine them then when I visit manage.php it gets redirected as index.php/$1, i.e. the FilesMatch is causing the entry in rewritecond to be ignored. If I actually enter a password in the original test and get to the file, it works in this last test. So I guess something is up with the rewrite and the file match. i.e. entering this causes .\manage.php to be called as .\index.php\manage.php <FilesMatch "manage.php"> AuthName "Member Only" AuthType Basic AuthUserFile /home/myuser/.htpasswd require valid-user </FilesMatch> RewriteEngine on RewriteCond $1 !^(index\.php|manage\.php|robots\.txt) RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^(.*)$ index.php/$1 [L,QSA] Thanks for any help :)

    Read the article

  • basic http authentication

    - by user881480
    I am using apache's basic http authentication to control access, however, I only want to control one level of directory access, meaning, I only want directory a to be authenticated, but not a's children(eg. a/b), is this possible? <Location /a/> Options -Indexes Order Deny,Allow Allow from all AuthType Basic AuthName "Members Only" AuthUserFile /home/xxxx/.htpasswd require valid-user </Location>

    Read the article

  • one svn account for each programmer?

    - by ajsie
    i should have one svn user for each programmer in the ubuntu server? is this accomplished by using "htpasswd" 4 times for 4 programmers? how do i couple all these users to same group so that i could modify file access specific for the svn group and all its members?

    Read the article

  • one svn account for each programmer?

    - by ajsie
    i should have one svn user for each programmer in the ubuntu server? is this accomplished by using "htpasswd" 4 times for 4 programmers? im using svn with webdav and apache. how do i couple all these users to same group so that i could modify file access specific for the svn group and all its members?

    Read the article

  • In Apache, how do I set up password protection?

    - by rphello101
    I'm attempting to set up a server using Apache. In the conf file, I inserted the code: <Directory /> Options FollowSymLinks AllowOverride AuthConfig AuthType Basic AuthName "Restricted Files" AuthBasicProvider file AuthUserFile C:\...\serverpass.txt Require user Admin </Directory> In order to try and get Apache to require a password. I created the username and password with htpasswd -c. When I got to localhost though, it doesn't prompt me for a username and password?

    Read the article

  • Is it possible to rsync your web site to another backup server and use the same .htaccess files?

    - by stephenmm
    I am trying to use rsync to replicate all the files from one web server to another server that could act as a backup if the first one went down. The problem I am having is that the .htaccess file requires the AuthUserFile to have the fully quallified path to the .htpasswd file and I cannot make the paths the same on the two machines. Does anyone know how I might use the same .htaccess file on two different servers? Thanks for any help that can be provided.

    Read the article

  • How to simulate htaccess for auth with IIS without having access to the server config ?

    - by bgy
    Hi, I need to put a website on windows server IIS, i'd like to use basic authentification like i'd do with Apache, with the .htaccess / .htpasswd I read here & there, that i could do this through the admin tabs of IIS, but i'm not the administrator, and i only have ftp access. It seems to be a 'web.config' file where i could do this. Is there a way to set up such things within a config file ? I'm not used to work with IIS...

    Read the article

  • htaccess allow if does not contain string

    - by Tom
    I'm trying to setup a .htaccess file which will allow users to bypass the password block if they come from a domain which does not start with preview. e.g. http://preview.example.com would trigger the password and http://example.com would not. Here's what I've got so far: SetEnvIfNoCase Host preview(.*\.)? preview_site AuthUserFile /Users/me/.htpasswd AuthGroupFile /dev/null AuthType Basic AuthName "Development Area" Require valid-user Order deny,allow Allow from 127 deny from env=preview_site Satisfy any Any ideas?

    Read the article

  • apache: bypass authentication for a specific ip

    - by Tevez G
    In Apache I have set basic authentication for /protected location. Now i need to bypass authetication for a specific ip address but keep auth for others intact. Can anyone guide me on this one. Here is my current snippet of auth protected location. Location "/protected" Order allow,deny Allow from all AuthName "Protected folder" AuthType Basic AuthUserFile /etc/htpasswd require valid-user /Location

    Read the article

  • Password-protect a directory, but not that directory's files? [Apache]

    - by Onion
    Hi, I was just wondering if it was possible to protect a directory with a username/password combination using .htaccess and .htpasswd files, but not protect the files within. i.e. One is able to link, say, images within that directory to friends, but browsing the directory itself would not be allowed without a username/password. Thanks to all in advance.

    Read the article

  • Keeping files private on the internet (.htaccess password or software/php/wordpress password)

    - by jiewmeng
    I was asked a while ago to setup a server such that only authenticated users can access files. It was like a test server for clients to view WIP sites. More recently, I want to do something similar for some of my files. Tho they are not very confidential, I wish that I am the only one viewing it. I thought of doing the same, Create a robots.txt User-agent: * Disallow: / Setup some password protection, .htpasswd seems like a very ugly way to do it. It will prompt me even when I log into FTP. I wonder if software method like password protected posts in Wordpress will do the trick of locking out the public and hiding content from Search Engines? Or some self made PHP script will do the trick?

    Read the article

  • one svn account for each programmer?

    - by ajsie
    i should have one svn user for each programmer in the ubuntu server? is this accomplished by using "htpasswd" 4 times for 4 programmers? how do i couple all these users to same group so that i could modify file access specific for the svn group and all its members?

    Read the article

  • Heroku powered private restricted beta

    - by Ben Sand
    I'd like to run an app in a restricted private beta on heroku. We're changing the app regularly and haven't done a security audit. To stop anyone exploiting stuff, we'd like to lock down the whole site, so you need a password to access anything. Ideally similar to using .htaccess and .htpasswd files to lock an entire site on an Apache server. Is there a simple one shot way to do this for a heroku hosted app?

    Read the article

  • Subversion error: Repository moved permanently to please relocate

    - by Bart S.
    I've set up subversion and apache on my server. If I browse to it through my webbrowser it works fine (http://svn.host.com/reposname). However, if I do a checkout on my machine I get the following error: Command: Checkout from http://svn.host.com/reposname, revision HEAD, Fully recursive, Externals included Error: Repository moved permanently to 'http://svn.host.com/reposname/'; please relocate I checked apache's error log, but it doesn't say anything. My repositories are stored under: /var/www/svn/repos/ My website is stored under: /var/www/vhosts/x/... Here's the conf file for the subdomain: <Location /> Options +indexes DAV svn SVNParentPath /var/www/svn/repos/ AuthType Basic AuthName "Authorization Realm" AuthUserFile /var/www/svn/auth/svn.htpasswd Require valid-user </Location> Authentication works fine. Does anyone know what might be causing this?

    Read the article

  • Enable basic auth sitewide and disabling it for subpages?

    - by piquadrat
    I have a relatively straight forward config: upstream appserver-1 { server unix:/var/www/example.com/app/tmp/gunicorn.sock fail_timeout=0; } server { listen 80; server_name example.com; location / { proxy_pass http://appserver-1; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; auth_basic "Restricted"; auth_basic_user_file /path/to/htpasswd; } location /api/ { auth_basic off; } } The goal is to use basic auth on the whole website, except on the /api/ subtree. While it does work with respect to basic auth, other directives like proxy_pass are not in effect on /api/ as well. Is it possible to just disable basic auth while retaining the other directives without copy&pasting everything?

    Read the article

  • htaccess rewrite and auth conflict

    - by Michael
    I have 2 directories each with a .htaccess file: html/.htaccess - There is a rewrite in this file to send almost everything to url.php RewriteCond %{REQUEST_URI} !(exported/?|\.(php|gif|jpe?g|png|css|js|pdf|doc|xml|ico))$ RewriteRule (.*)$ /url.php [L] and html/exported/.htaccess AuthType Basic AuthName "exported" AuthUserFile "/home/siteuser/.htpasswd" require valid-user If I remove html/exported/.htaccess the rewriting works fine and the exported directory can be access. If I remove html/.htaccess the authentication works fine. However when I have both .htaccess files exported/ is being rewritten to /url.php. Any ideas how I can prevent it?

    Read the article

  • Why won't vsftpd let me log in with a virtual user account?

    - by Ramon
    I would like to use vsftpd with virtual users and pam_pwdfile.so. I installed vsftpd and added two users (ramon and dragon) via htpasswd to my file /etc/vsftpd.passwd. The /etc/pam.d/vsftpd is configured to use this file. auth required pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed auth required pam_pwdfile.so pwdfile /etc/vsftpd.passwd account required pam_permit.so @include common-account @include common-session The user "ramon" is also available in /etc/passwd. A login to the ftp with the user "ramon" works as expected. But a login using "dragon" does not :/ The result is always Login failed: 530 Login incorrect. Since it's possible that I made a mistake I tried the exact way documented in /usr/share/doc/vsftpd/examples/VIRTUAL_USERS/README. Still no luck. I can login with the user "ramon", but not with the user "dragon". Any ideas?

    Read the article

  • How do I force .htaccess authorization to occur over ssl?

    - by kenja
    I'm trying to force a particular directory to require only allowed IPs and a valid username/password through basic authorization. To ensure that the username/password are sent in encrypted form, I want the directory to also force SSL use. Here is what I have in my .htaccess file: # Force HTTPS-Connection RewriteEngine On RewriteCond %{SERVER_PORT} !^443$ RewriteRule (.*) https://www.mywebsite.com%{REQUEST_URI} [R,L] ## password begin ## AuthName "Restricted Access" AuthUserFile /var/www/admin/.htpasswd AuthType Basic Require valid-user Order deny,allow Deny from all Allow from 79.1.231.151 62.123.134.83 Satisfy All Unfortunately, when I access that directory using http protocol, it is asking for the password before it redirects the page to the secure version. This means the password is sent unencrypted. What am I doing wrong? Is there a way to do this?

    Read the article

  • Configuring multiple domain in nginx in one file

    - by user22695
    I am still newbie configuring nginx. Is it posibble to configure multiple domain in one file and they share mostly the same config? For example I want to configure two domains that based from one app and one domain need basic auth, the other doesn't. I would like to do something like this, but I think this does not work: sites-enabled/mysite server { listen 127.0.0.1:80 default_server; server_name www.mysite.com; include sharedconf.conf; } server { listen 127.0.0.1:80; server_name www.mysite.co.jp; auth_basic "restricted"; auth_basic_user_file /etc/nginx.htpasswd; include sharedconf.conf; } sharedconf.conf location / { proxy_pass_header Server; #... bunch of config line ... }

    Read the article

  • Backup and restore Subversion user permissions

    - by Earth Engine
    We use svnsync to create fully functional backup servers, and we have a script to do so. However if we wanted to create a new backup server, we have to copy the htpasswd and groups.conf file across (that is not hard) and (after running svnsync) manually assign the user/group to repositories. Also, if we change the assignment in the main server, there is no easy way to apply that change to all backup servers. Since we have 50+ projects and 30+ users this is a boring and error-pond exercise. Are there any tools that can help us to backup and restore those automatically? We are using VisualSVN under Windows, so it is better to have solutions in Windows scripts, not shell scripts.

    Read the article

  • apache2: Require valid-user for everything except "special_page"

    - by matt wilkie
    With Apache2 how may I require a valid user for every page except these special pages which can be seen by anybody? Thanks in advance for your thoughts. Update in response to comments; here is a working apache2 config: <Directory /var/www/> Options Indexes FollowSymLinks MultiViews Order allow,deny allow from all </Directory> # require authentication for everything not specificly excepted <Location / > AuthType Basic AuthName "whatever" AuthUserFile /etc/apache2/htpasswd Require valid-user AllowOverride all </Location> # allow standard apache icons to be used without auth (e.g. MultiViews) <Location /icons> allow from all Satisfy Any </Location> # anyone can see pages in this tree <Location /special_public_pages> allow from all Satisfy Any </Location>

    Read the article

< Previous Page | 1 2 3 4 5 6 7  | Next Page >