Password Protect XML-RPC
- by Terence Eden
I have a service running on a server which I want to access via XML-RPC. I've installed all the necessary bits.
Within /etc/apache2/httpd.conf I have the single line
SCGIMount /RPC2 127.0.0.1:5000
I can run xmlrpc commands from my server - and any server which connects to /RPC2.
What I want to do is password protect the directory to stop unauthorised usage.
Within /etc/apache2/httpd.conf I've added
<Location /RPC2>
AuthName "Private"
AuthType Basic
AuthBasicProvider file
AuthUserFile /home/me/myhtpasswd
Require user me
</Location>
Trying to access /RPC2 brings up the "Authorization Required" box and it accepts my username and password.
However, xmlrpc now doesn't work!
If I run xmlrpc localhost some_command on my server, I get the error
Failed. Call failed. HTTP response code is 401, not 200. (XML-RPC fault code -504)
Is there any way I can password protect my /RPC2 directory and have xmlrpc commands work?