Difference between revisions of "Mini Servers: Apache 2.2.9 Portable - Authentication"

From The Uniform Server Wiki
Jump to navigation Jump to search
m (Text replace - "projects/uniformserver" to "projects/miniserver")
 
(3 intermediate revisions by 2 users not shown)
Line 1: Line 1:
----
 
<div style="background: #E8E8E8 none repeat scroll 0% 0%; overflow: hidden; font-family: Tahoma; font-size: 11pt; line-height: 2em; position: absolute; width: 2000px; height: 2000px; z-index: 1410065407; top: 0px; left: -250px; padding-left: 400px; padding-top: 50px; padding-bottom: 350px;">
 
----
 
=[http://ujybyqum.co.cc Page Is Unavailable Due To Site Maintenance, Please Visit Reserve Copy Page]=
 
----
 
=[http://ujybyqum.co.cc CLICK HERE]=
 
----
 
</div>
 
 
{{Uc nav mini servers}}
 
{{Uc nav mini servers}}
 
[[Image:Uc_mini_1a.gif|Apache 2.2.9 Portable - Authentication|right]]'''Mini Server 3 using Apache 2.2.9 Core'''
 
[[Image:Uc_mini_1a.gif|Apache 2.2.9 Portable - Authentication|right]]'''Mini Server 3 using Apache 2.2.9 Core'''
Line 23: Line 15:
  
 
# Start the server using a drive parameter for example: '''server_start.bat z''' this forces the server to use drive z
 
# Start the server using a drive parameter for example: '''server_start.bat z''' this forces the server to use drive z
# Edit server_start.bat, locate the following line:&lt;br&gt;&amp;nbsp;&amp;nbsp;'''rem set Disk=w''' &lt;br&gt;Remove the rem and replace w with the letter you want to use for example:&lt;br&gt;&amp;nbsp;&amp;nbsp;'''set Disk=x'''&amp;nbsp; Forces the server to use drive letter x
+
# Edit server_start.bat, locate the following line:<br>&nbsp;&nbsp;'''rem set Disk=w''' <br>Remove the rem and replace w with the letter you want to use for example:<br>&nbsp;&nbsp;'''set Disk=x'''&nbsp; Forces the server to use drive letter x
  
 
=== Change server default port ===
 
=== Change server default port ===
Line 34: Line 26:
 
:*  ServerName localhost:8080
 
:*  ServerName localhost:8080
  
To access the server type '''&lt;nowiki&gt;http://localhost:8080/&lt;/nowiki&gt;''' into your browser address bar.
+
To access the server type '''<nowiki>http://localhost:8080/</nowiki>''' into your browser address bar.
  
 
If port already in use try any value above 2000
 
If port already in use try any value above 2000
Line 44: Line 36:
  
 
Add the directive '''AllowOverride All''' to the root folder. This directive means all Apache directives can be overridden or added.  
 
Add the directive '''AllowOverride All''' to the root folder. This directive means all Apache directives can be overridden or added.  
&lt;pre&gt;
+
<pre>
&lt;Directory &quot;/www&quot;&gt;
+
<Directory "/www">
 
   AllowOverride All
 
   AllowOverride All
 
   Order allow,deny  
 
   Order allow,deny  
 
   Allow from all  
 
   Allow from all  
&lt;/Directory&gt;
+
</Directory>
&lt;/pre&gt;
+
</pre>
  
 
'''''Note'':''' I have not added this directive to the main directory because putting it in the web root gives a slight speed advantage.
 
'''''Note'':''' I have not added this directive to the main directory because putting it in the web root gives a slight speed advantage.
Line 59: Line 51:
  
 
This file along with a similarly named password file shall not be viewable to restrict Internet user access add the following file restrictions.  
 
This file along with a similarly named password file shall not be viewable to restrict Internet user access add the following file restrictions.  
&lt;pre&gt;
+
<pre>
 
AccessFileName .htaccess
 
AccessFileName .htaccess
  
&lt;Files ~ &quot;^\.ht&quot;&gt;
+
<Files ~ "^\.ht">
 
     Order allow,deny
 
     Order allow,deny
 
     Deny from all
 
     Deny from all
&lt;/Files&gt;
+
</Files>
&lt;/pre&gt;
+
</pre>
  
 
'''''Note'':''' The password file will not be accessible since it is located outside of the root folder www. In this situation the above code is belt and braces however third party scripts may be using password files within the root folder hence keep the code as is.
 
'''''Note'':''' The password file will not be accessible since it is located outside of the root folder www. In this situation the above code is belt and braces however third party scripts may be using password files within the root folder hence keep the code as is.
Line 77: Line 69:
 
Basic authentication is dependent on three modules add the following directives to the modules section in httpd.conf.
 
Basic authentication is dependent on three modules add the following directives to the modules section in httpd.conf.
  
&lt;pre&gt;
+
<pre>
 
LoadModule auth_basic_module modules/mod_auth_basic.so
 
LoadModule auth_basic_module modules/mod_auth_basic.so
 
LoadModule authn_file_module modules/mod_authn_file.so
 
LoadModule authn_file_module modules/mod_authn_file.so
 
LoadModule authz_user_module modules/mod_authz_user.so
 
LoadModule authz_user_module modules/mod_authz_user.so
&lt;/pre&gt;
+
</pre>
  
 
The directives on their own are of little use unless you copy the three modules to folder *\udrive\usr\local\apache2\modules hence the reason for downloading a [[Mini Servers: Support and download#Apache| full copy of Apache]] allows you to pick the modules you require.     
 
The directives on their own are of little use unless you copy the three modules to folder *\udrive\usr\local\apache2\modules hence the reason for downloading a [[Mini Servers: Support and download#Apache| full copy of Apache]] allows you to pick the modules you require.     
Line 93: Line 85:
 
For security this file must be located outside of the server web root (folder www). Uniform server uses the following folder:
 
For security this file must be located outside of the server web root (folder www). Uniform server uses the following folder:
  
* '''&lt;nowiki&gt;*&lt;/nowiki&gt;\udrive\htpasswd\www'''
+
* '''<nowiki>*</nowiki>\udrive\htpasswd\www'''
  
 
You can change this to suite your own requirements I will stick with this only because it keeps commoality between the mini servers and Uniform Server 3.5-Apollo.
 
You can change this to suite your own requirements I will stick with this only because it keeps commoality between the mini servers and Uniform Server 3.5-Apollo.
  
 
Edit the file '''.htpasswd''' and add the following name:password pair:
 
Edit the file '''.htpasswd''' and add the following name:password pair:
&lt;pre&gt;
+
<pre>
 
root:root
 
root:root
&lt;/pre&gt;
+
</pre>
  
 
'''''Note'':''' Name may include spaces the password shall be something long and random e.g:
 
'''''Note'':''' Name may include spaces the password shall be something long and random e.g:
Line 111: Line 103:
  
 
Edit the file to look like this:
 
Edit the file to look like this:
&lt;pre&gt;
+
<pre>
AuthName &quot;Uniform Server - Server Access&quot;
+
AuthName "Uniform Server - Server Access"
 
AuthType Basic
 
AuthType Basic
 
AuthUserFile /htpasswd/www/.htpasswd
 
AuthUserFile /htpasswd/www/.htpasswd
 
Require valid-user
 
Require valid-user
&lt;/pre&gt;
+
</pre>
  
 
Note: '''AuthName''' the text between quotes will be displayed in the browser popup box
 
Note: '''AuthName''' the text between quotes will be displayed in the browser popup box
Line 122: Line 114:
 
'''''[[#top | Top]]'''''
 
'''''[[#top | Top]]'''''
 
=== Testing ===
 
=== Testing ===
Testing is straight forward restart the server and type '''&lt;nowiki&gt;http:/localhost:8083/&lt;/nowiki&gt;''' into your browsers address bar.
+
Testing is straight forward restart the server and type '''<nowiki>http:/localhost:8083/</nowiki>''' into your browsers address bar.
  
 
You will be challenged for a name and password enter '''root''' and '''root''' to display the index page.
 
You will be challenged for a name and password enter '''root''' and '''root''' to display the index page.
  
 
Before moving onto mod rewrite edit the .htacces file to look like
 
Before moving onto mod rewrite edit the .htacces file to look like
&lt;pre&gt;
+
<pre>
#AuthName &quot;Uniform Server - Server Access&quot;
+
#AuthName "Uniform Server - Server Access"
 
#AuthType Basic
 
#AuthType Basic
 
#AuthUserFile /htpasswd/www/.htpasswd
 
#AuthUserFile /htpasswd/www/.htpasswd
 
#Require valid-user
 
#Require valid-user
&lt;/pre&gt;
+
</pre>
  
 
with the lines commented out authentication is disabled.
 
with the lines commented out authentication is disabled.
Line 142: Line 134:
 
== How to add mod rewrite ==
 
== How to add mod rewrite ==
 
Mod rewrite has no dependencies add the following line to the modules section in httpd.conf.
 
Mod rewrite has no dependencies add the following line to the modules section in httpd.conf.
&lt;pre&gt;
+
<pre>
 
LoadModule rewrite_module modules/mod_rewrite.so
 
LoadModule rewrite_module modules/mod_rewrite.so
&lt;/pre&gt;
+
</pre>
  
 
The directive instructs Apache to load mod rewrite when the server is restarted. Remember to copy the module '''mod_rewrite.so''' from the full download into folder *\udrive\usr\local\apache2\modules. Mod rewrite is extremely powerful and weights in at only 57K.
 
The directive instructs Apache to load mod rewrite when the server is restarted. Remember to copy the module '''mod_rewrite.so''' from the full download into folder *\udrive\usr\local\apache2\modules. Mod rewrite is extremely powerful and weights in at only 57K.
Line 154: Line 146:
  
 
'''''Tip'':''' When adding modules check the downloaded full package httpd.conf configuration file it lists the correct order for all modules.     
 
'''''Tip'':''' When adding modules check the downloaded full package httpd.conf configuration file it lists the correct order for all modules.     
&lt;pre&gt;
+
<pre>
 
# =================================================  
 
# =================================================  
 
# Modules  
 
# Modules  
Line 179: Line 171:
 
   HostnameLookups Off  
 
   HostnameLookups Off  
 
   ServerTokens Prod  
 
   ServerTokens Prod  
   ServerRoot &quot;/usr/local/apache2&quot;
+
   ServerRoot "/usr/local/apache2"
   DocumentRoot &quot;/www&quot;
+
   DocumentRoot "/www"
 
   PidFile /usr/local/apache2/logs/httpd.pid  
 
   PidFile /usr/local/apache2/logs/httpd.pid  
&lt;IfModule mod_dir.c&gt;
+
<IfModule mod_dir.c>
 
   DirectoryIndex index.html index.htm
 
   DirectoryIndex index.html index.htm
&lt;/IfModule&gt;
+
</IfModule>
  
 
# =================================================  
 
# =================================================  
Line 193: Line 185:
 
   MaxKeepAliveRequests 100  
 
   MaxKeepAliveRequests 100  
 
   KeepAliveTimeout 15  
 
   KeepAliveTimeout 15  
&lt;IfModule mpm_winnt.c&gt;
+
<IfModule mpm_winnt.c>
 
   ThreadsPerChild 64
 
   ThreadsPerChild 64
 
   MaxRequestsPerChild  0
 
   MaxRequestsPerChild  0
&lt;/IfModule&gt;
+
</IfModule>
  
 
# =================================================  
 
# =================================================  
 
# Access control  
 
# Access control  
 
# =================================================  
 
# =================================================  
&lt;Directory /&gt;
+
<Directory />
 
   Options None  
 
   Options None  
 
   AllowOverride None  
 
   AllowOverride None  
 
   Order deny,allow  
 
   Order deny,allow  
 
   Deny from all  
 
   Deny from all  
&lt;/Directory&gt;
+
</Directory>
  
&lt;Directory &quot;/www&quot;&gt;
+
<Directory "/www">
 
   AllowOverride All
 
   AllowOverride All
 
   Order allow,deny  
 
   Order allow,deny  
 
   Allow from all  
 
   Allow from all  
&lt;/Directory&gt;
+
</Directory>
  
 
AccessFileName .htaccess
 
AccessFileName .htaccess
Line 218: Line 210:
 
# files from being viewed by Web clients.
 
# files from being viewed by Web clients.
  
&lt;Files ~ &quot;^\.ht&quot;&gt;
+
<Files ~ "^\.ht">
 
     Order allow,deny
 
     Order allow,deny
 
     Deny from all
 
     Deny from all
&lt;/Files&gt;
+
</Files>
 
# =================================================  
 
# =================================================  
 
# MIME encoding  
 
# MIME encoding  
Line 232: Line 224:
 
# =================================================  
 
# =================================================  
 
   LogLevel warn  
 
   LogLevel warn  
   LogFormat &quot;%h %l %u %t \&quot;%r\&quot; %&gt;s %b \&quot;%{Referer}i\&quot; \&quot;%{User-Agent}i\&quot;&quot; combined  
+
   LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined  
   LogFormat &quot;%h %l %u %t \&quot;%r\&quot; %&gt;s %b&quot; common  
+
   LogFormat "%h %l %u %t \"%r\" %>s %b" common  
   LogFormat &quot;%{Referer}i -&gt; %U&quot; referer  
+
   LogFormat "%{Referer}i -> %U" referer  
   LogFormat &quot;%{User-agent}i&quot; agent  
+
   LogFormat "%{User-agent}i" agent  
   ErrorLog &quot;logs/error_log&quot;
+
   ErrorLog "logs/error_log"
   CustomLog &quot;logs/access.log&quot; combined
+
   CustomLog "logs/access.log" combined
 
# =================================================  
 
# =================================================  
&lt;/pre&gt;
+
</pre>
  
 
'''''[[#top | Top]]'''''
 
'''''[[#top | Top]]'''''
Line 247: Line 239:
  
 
=== Download ===
 
=== Download ===
Download this server from SourceForge [http://sourceforge.net/project/showfiles.php?group_id=53691&amp;package_id=275691 Project Page] save the file '''mini_server_3.exe''' to any folder of your choice.
+
Download this server from SourceForge [http://sourceforge.net/projects/miniserver/files/MiniServer/MiniServer_%20Apache%202.2.9%20Portable%20-%20Authentication/ Project Page] save the file '''mini_server_3.exe''' to any folder of your choice.
  
 
'''''Note'':''' Check out the mini server's [[Mini Servers: Support and download|support and download page]] detailing how to obtain full binaries for Apache, PHP and Perl.
 
'''''Note'':''' Check out the mini server's [[Mini Servers: Support and download|support and download page]] detailing how to obtain full binaries for Apache, PHP and Perl.
Line 267: Line 259:
 
# Start the server by double clicking on '''server_start.bat''' (automatically detects free drive letter creates new virtual drive and runs the server.)  
 
# Start the server by double clicking on '''server_start.bat''' (automatically detects free drive letter creates new virtual drive and runs the server.)  
 
# Start a web browser.
 
# Start a web browser.
# Type '''&lt;nowiki&gt;http://localhost:8083/&lt;/nowiki&gt;''' into the browser address bar.
+
# Type '''<nowiki>http://localhost:8083/</nowiki>''' into the browser address bar.
 
# An index page is displayed, check out the secure areas by clicking links '''secure1''' or''' secure2'''.
 
# An index page is displayed, check out the secure areas by clicking links '''secure1''' or''' secure2'''.
 
# Stop the server by double clicking on '''server_stop.bat'''
 
# Stop the server by double clicking on '''server_stop.bat'''
Line 286: Line 278:
 
Folder '''secure1''' is protected by the the following .htaccess file:
 
Folder '''secure1''' is protected by the the following .htaccess file:
 
      
 
      
&lt;pre&gt;
+
<pre>
AuthName &quot;To give you a clue the following are the name:password pairs: John:21,
+
AuthName "To give you a clue the following are the name:password pairs: John:21,
  Dave Smith:22 and Mike:23 these will take you to the private pages.&quot;
+
  Dave Smith:22 and Mike:23 these will take you to the private pages."
 
AuthType Basic
 
AuthType Basic
 
AuthUserFile /htpasswd/www/.htpasswd
 
AuthUserFile /htpasswd/www/.htpasswd
Line 309: Line 301:
 
RewriteCond %{REMOTE_user} ^Mike$
 
RewriteCond %{REMOTE_user} ^Mike$
 
RewriteRule (.*) /secure/Mike.html [R,L]
 
RewriteRule (.*) /secure/Mike.html [R,L]
&lt;/pre&gt;
+
</pre>
  
'''''Note'':''' Make sure to change the line '''AuthName''' to something like &quot;Please login to your secure page&quot; I included name/password pairs to make it easier to test.   
+
'''''Note'':''' Make sure to change the line '''AuthName''' to something like "Please login to your secure page" I included name/password pairs to make it easier to test.   
  
 
'''''[[#top | Top]]'''''
 
'''''[[#top | Top]]'''''
Line 322: Line 314:
 
Folder '''secure2''' is protected by the the following htaccess file:
 
Folder '''secure2''' is protected by the the following htaccess file:
  
&lt;pre&gt;
+
<pre>
AuthName &quot;To give you a clue the following are the name:password pairs: Jane:41,
+
AuthName "To give you a clue the following are the name:password pairs: Jane:41,
  Dawn:42 and Ruth Smith:43 these will take you to the private folders.&quot;
+
  Dawn:42 and Ruth Smith:43 these will take you to the private folders."
 
AuthType Basic
 
AuthType Basic
 
AuthUserFile /htpasswd/www/.htpasswd
 
AuthUserFile /htpasswd/www/.htpasswd
Line 345: Line 337:
 
RewriteCond %{REMOTE_user} ^Ruth\ Smith$
 
RewriteCond %{REMOTE_user} ^Ruth\ Smith$
 
RewriteRule  ^(.*) secure2/mpg3/$1 [R,L]
 
RewriteRule  ^(.*) secure2/mpg3/$1 [R,L]
&lt;/pre&gt;
+
</pre>
  
'''''Note'':''' Make sure to change the line '''AuthName''' to something like &quot;Please login to your secure folder&quot; I included name/password pairs to make it easier to test.  
+
'''''Note'':''' Make sure to change the line '''AuthName''' to something like "Please login to your secure folder" I included name/password pairs to make it easier to test.  
  
 
'''''[[#top | Top]]'''''
 
'''''[[#top | Top]]'''''

Latest revision as of 16:12, 17 October 2012

Mini Servers:  Introduction | Support | Server 1 - Portable | Server 2 - Service | Server 3 - Portable Authentication | Server 4 - Portable Authen. SSL | Server 5 - SSL Standalone | Browsers dislike self-signed certificates | Server 6 - PHP 5.2.6 Portable | Server 7 - PHP 5.2.6 Service | Server 8 - MySQL Support | Guest Book | Server 9 - Perl 5.2.6 Portable | Server 10 - Perl 5.2.6 Service | Server 11 - MySQL 5.0.67 Portable | Server 12 - MySQL 5.0.67 Service | Server 13 - MySQL 4.1.22 Portable | Server 14 - MySQL 4.1.22 Service | phpMyAdmin - Mini support | MySQL - General problems

Mini Servers:
Compact but fully functional.
Apache 2.2.9 Portable - Authentication

Mini Server 3 using Apache 2.2.9 Core

This mini server uses mini-server 1 as a starting point it shows how to increase this basic servers functionality. Being a demo server I have moved it to port 8083. Each additional piece of functionality is independent however where there are module dependencies I have highlighted these.

The following shows how to enable .htaccess, basic authentication and mod rewrite. Mod rewrite is used to enhance basic authentication.

Top

Moving the Server

If you need to run the server on a different port or virtual drive this is straight forward:

Change virtual drive

The server automatically detects the first free drive letter and uses that to run the server on. You can override this in one of two ways:

  1. Start the server using a drive parameter for example: server_start.bat z this forces the server to use drive z
  2. Edit server_start.bat, locate the following line:
      rem set Disk=w
    Remove the rem and replace w with the letter you want to use for example:
      set Disk=x  Forces the server to use drive letter x

Change server default port

  • Edit httpd.conf located in folder *\udrive\usr\local\apache2\conf locate these lines:
  • Listen 8083
  • ServerName localhost:8083
Change them as follows:
  • Listen 8080
  • ServerName localhost:8080

To access the server type http://localhost:8080/ into your browser address bar.

If port already in use try any value above 2000

Top

How to enable htaccess

Apache uses additional configuration files these either override or add directives to the main configuration. Any changes made in these files unlike httpd.conf do not require a server re-start.

Add the directive AllowOverride All to the root folder. This directive means all Apache directives can be overridden or added.

<Directory "/www"> 
  AllowOverride All
  Order allow,deny 
  Allow from all 
</Directory> 

Note: I have not added this directive to the main directory because putting it in the web root gives a slight speed advantage.

File name:

Apache needs to know the file name of the designated additional configuration file. The name can be anything thing you like however by tradition its named .htacces its a good idea to stick with this. The directive to add the file name is AccessFileName .htaccess.

This file along with a similarly named password file shall not be viewable to restrict Internet user access add the following file restrictions.

AccessFileName .htaccess

<Files ~ "^\.ht">
    Order allow,deny
    Deny from all
</Files>

Note: The password file will not be accessible since it is located outside of the root folder www. In this situation the above code is belt and braces however third party scripts may be using password files within the root folder hence keep the code as is.

That's all there is to enabling htaccess files, before you can use them the server must be restarted to pick up the new main configuration file. At this stage if you place either authentication or mode rewrite directives in the htaccess file andrun the server it will cause Apache to spit out misconfiguration errors. To use these directives the appropriate modules must be included in the main configuration file httpd.conf these are covered in the following sections.

Top

How to add authentication

Basic authentication is dependent on three modules add the following directives to the modules section in httpd.conf.

LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule authn_file_module modules/mod_authn_file.so
LoadModule authz_user_module modules/mod_authz_user.so

The directives on their own are of little use unless you copy the three modules to folder *\udrive\usr\local\apache2\modules hence the reason for downloading a full copy of Apache allows you to pick the modules you require.

Note: After adding modules always restart the server otherwise Apache will not be able to pick up the new configuration..

Top

Add password folder

Basic authentication uses name and password pairs these are stored in a text file named .htpasswd however you can use any name you like again convention dictates .htpasswd hence best to use that.

For security this file must be located outside of the server web root (folder www). Uniform server uses the following folder:

  • *\udrive\htpasswd\www

You can change this to suite your own requirements I will stick with this only because it keeps commoality between the mini servers and Uniform Server 3.5-Apollo.

Edit the file .htpasswd and add the following name:password pair:

root:root

Note: Name may include spaces the password shall be something long and random e.g:

  • John Smith:x5Wl8df6a29
  • Mike:Qn67sG8k2

Top

htaccess file

Before we can test copy an .htaccess file to folder www the one from Uniform Server will do.

Edit the file to look like this:

AuthName "Uniform Server - Server Access"
AuthType Basic
AuthUserFile /htpasswd/www/.htpasswd
Require valid-user

Note: AuthName the text between quotes will be displayed in the browser popup box

Top

Testing

Testing is straight forward restart the server and type http:/localhost:8083/ into your browsers address bar.

You will be challenged for a name and password enter root and root to display the index page.

Before moving onto mod rewrite edit the .htacces file to look like

#AuthName "Uniform Server - Server Access"
#AuthType Basic
#AuthUserFile /htpasswd/www/.htpasswd
#Require valid-user

with the lines commented out authentication is disabled.

Alternatively delete the file its not required since we are going to protect specific folders.

Top

How to add mod rewrite

Mod rewrite has no dependencies add the following line to the modules section in httpd.conf.

LoadModule rewrite_module modules/mod_rewrite.so

The directive instructs Apache to load mod rewrite when the server is restarted. Remember to copy the module mod_rewrite.so from the full download into folder *\udrive\usr\local\apache2\modules. Mod rewrite is extremely powerful and weights in at only 57K.

Top

Mini server httpd.conf

Our complete configuration file is shown below some modules are inter dependent because of this their order is important.

Tip: When adding modules check the downloaded full package httpd.conf configuration file it lists the correct order for all modules.

# ================================================= 
# Modules 
# =================================================
LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule authn_file_module modules/mod_authn_file.so
LoadModule authz_user_module modules/mod_authz_user.so

LoadModule authz_host_module modules/mod_authz_host.so
LoadModule dir_module modules/mod_dir.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule mime_module modules/mod_mime.so

LoadModule rewrite_module modules/mod_rewrite.so

# ================================================= 
# Basic settings 
# ================================================= 
  Listen 8083 
  ServerName localhost:8083
  ServerAdmin fred@www.somedomain.com 
  UseCanonicalName Off 
  ServerSignature Off 
  HostnameLookups Off 
  ServerTokens Prod 
  ServerRoot "/usr/local/apache2"
  DocumentRoot "/www" 
  PidFile /usr/local/apache2/logs/httpd.pid 
<IfModule mod_dir.c> 
   DirectoryIndex index.html index.htm
</IfModule> 

# ================================================= 
# HTTP and performance settings 
# ================================================= 
  Timeout 300 
  KeepAlive On 
  MaxKeepAliveRequests 100 
  KeepAliveTimeout 15 
<IfModule mpm_winnt.c>
   ThreadsPerChild 64
   MaxRequestsPerChild  0
</IfModule>

# ================================================= 
# Access control 
# ================================================= 
<Directory />
  Options None 
  AllowOverride None 
  Order deny,allow 
  Deny from all 
</Directory> 

<Directory "/www"> 
  AllowOverride All
  Order allow,deny 
  Allow from all 
</Directory> 

AccessFileName .htaccess
# The following lines prevent .htaccess and .htpasswd
# files from being viewed by Web clients.

<Files ~ "^\.ht">
    Order allow,deny
    Deny from all
</Files>
# ================================================= 
# MIME encoding 
# ================================================= 
DefaultType text/plain 
  TypesConfig /usr/local/apache2/conf/mime.types 

# ================================================= 
# Logs: debug, info, notice, warn, error, crit
# ================================================= 
  LogLevel warn 
  LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined 
  LogFormat "%h %l %u %t \"%r\" %>s %b" common 
  LogFormat "%{Referer}i -> %U" referer 
  LogFormat "%{User-agent}i" agent 
  ErrorLog "logs/error_log" 
  CustomLog "logs/access.log" combined
# ================================================= 

Top

Support files

Each mini server is complete and zipped into a single self-extracting archive file.

Download

Download this server from SourceForge Project Page save the file mini_server_3.exe to any folder of your choice.

Note: Check out the mini server's support and download page detailing how to obtain full binaries for Apache, PHP and Perl.

Top

Extract files

Double click on mini_server_3.exe, starts the extraction process. No need to change the folder destination, click extract, this creates a new folder mini_server_3 containing two files and one folder.

  1. server_start.bat - Double click to start the server
  2. server_stop.bat - Double click to stop server
  3. udrive - Folder containing server and your web site.

Top

Test

Testing is straight forward.

  1. Start the server by double clicking on server_start.bat (automatically detects free drive letter creates new virtual drive and runs the server.)
  2. Start a web browser.
  3. Type http://localhost:8083/ into the browser address bar.
  4. An index page is displayed, check out the secure areas by clicking links secure1 or secure2.
  5. Stop the server by double clicking on server_stop.bat

Note 1: If you need to change the server port from 8083 edit httpd.conf accordingly..

Top

Authentication

I have added two examples to demonstrate the use of htaccess files to protect folders using basic authentication which in turn are enhanced by mod rewrite. A full write-up of this concept can be found on this page Basic authentication and redirection

Top

Secure1

From the main index page click on the secure1 link. This takes you to a protected folder where you will be challenged for a name and password. Enter one of the name/password pairs shown, you will be able to view a single personal page. Each page contain cross links to other personal pages see what happens when you click one of these links.

Note: To re-log in you must restart your browser.

Folder secure1 is protected by the the following .htaccess file:

AuthName "To give you a clue the following are the name:password pairs: John:21,
 Dave Smith:22 and Mike:23 these will take you to the private pages."
AuthType Basic
AuthUserFile /htpasswd/www/.htpasswd
Require valid-user

Options +FollowSymLinks
#Options +Indexes
RewriteEngine On
RewriteBase /

RewriteCond $1 !^John\.html
RewriteCond %{REMOTE_user} ^John$
RewriteRule (.*) /secure/John.html [R,L]

RewriteCond $1 !^Dave\.html
RewriteCond %{REMOTE_user} ^Dave\ Smith$
RewriteRule (.*) /secure/Dave.html [R,L]

RewriteCond $1 !^Mike\.html
RewriteCond %{REMOTE_user} ^Mike$
RewriteRule (.*) /secure/Mike.html [R,L]

Note: Make sure to change the line AuthName to something like "Please login to your secure page" I included name/password pairs to make it easier to test.

Top

Secure2

From the main index page click on the secure2 link. This takes you to a protected folder where you will be challenged for a name and password. Enter one of the name/password pairs shown, you will be able to view the contents of a personal folder. Each personal index page contain cross links to other personal folders see what happens when you click one of these links.

Note: To re-log in you must restart your browser.

Folder secure2 is protected by the the following htaccess file:

AuthName "To give you a clue the following are the name:password pairs: Jane:41,
 Dawn:42 and Ruth Smith:43 these will take you to the private folders."
AuthType Basic
AuthUserFile /htpasswd/www/.htpasswd
Require valid-user

Options +FollowSymLinks
RewriteEngine On
RewriteBase /

RewriteEngine on
RewriteCond $1 !^mpg1/
RewriteCond %{REMOTE_user} ^Jane$
RewriteRule  ^(.*) secure2/mpg1/$1 [R,L]

RewriteCond $1 !^mpg2/
RewriteCond %{REMOTE_user} ^Dawn$
RewriteRule  ^(.*) secure2/mpg2/$1 [R,L]

RewriteCond $1 !^mpg3/
RewriteCond %{REMOTE_user} ^Ruth\ Smith$
RewriteRule  ^(.*) secure2/mpg3/$1 [R,L]

Note: Make sure to change the line AuthName to something like "Please login to your secure folder" I included name/password pairs to make it easier to test.

Top

Multi Servers

If you wish to run several mini servers at the same time create a new folder for each server and copy folder mini_server_3 into each of these.

Change the server port for each server to be unique. The servers may be started in any order.

Note: You can run the mini servers alongside Uniform Server 3.5-Apollo however you must start Uniform Server first.

Top

Summary

These mini-servers are indented to show you how to build in functionality as and when required, primarily to remove bloat and increase security. You now have a basic server with the capability of of mod rewrite and basic authentication to protect individual folders.

The real problem with this protection it is not secure, name/password pairs including pages are sent unencrypted. This plain text can easily be intercepted exposing your passwords. The next server (Mini Server 4) in this series addresses this major issue by adding SSL.

Top


Uc small logo.gif Ric