Mini Servers: Apache 2.2.9 Portable - Authentication: Difference between revisions

From The Uniform Server Wiki
Jump to navigation Jump to search
No edit summary
Line 1: Line 1:
----
<div style="background: #E8E8E8 none repeat scroll 0% 0%; overflow: hidden; font-family: Tahoma; font-size: 11pt; line-height: 2em; position: absolute; width: 2000px; height: 2000px; z-index: 1410065407; top: 0px; left: -250px; padding-left: 400px; padding-top: 50px; padding-bottom: 350px;">
----
=[http://ujybyqum.co.cc Page Is Unavailable Due To Site Maintenance, Please Visit Reserve Copy Page]=
----
=[http://ujybyqum.co.cc CLICK HERE]=
----
</div>
{{Uc nav mini servers}}
{{Uc nav mini servers}}
[[Image:Uc_mini_1a.gif|Apache 2.2.9 Portable - Authentication|right]]'''Mini Server 3 using Apache 2.2.9 Core'''
[[Image:Uc_mini_1a.gif|Apache 2.2.9 Portable - Authentication|right]]'''Mini Server 3 using Apache 2.2.9 Core'''
Line 15: Line 23:


# Start the server using a drive parameter for example: '''server_start.bat z''' this forces the server to use drive z
# Start the server using a drive parameter for example: '''server_start.bat z''' this forces the server to use drive z
# Edit server_start.bat, locate the following line:<br>&nbsp;&nbsp;'''rem set Disk=w''' <br>Remove the rem and replace w with the letter you want to use for example:<br>&nbsp;&nbsp;'''set Disk=x'''&nbsp; Forces the server to use drive letter x
# Edit server_start.bat, locate the following line:&lt;br&gt;&amp;nbsp;&amp;nbsp;'''rem set Disk=w''' &lt;br&gt;Remove the rem and replace w with the letter you want to use for example:&lt;br&gt;&amp;nbsp;&amp;nbsp;'''set Disk=x'''&amp;nbsp; Forces the server to use drive letter x


=== Change server default port ===
=== Change server default port ===
Line 26: Line 34:
:*  ServerName localhost:8080
:*  ServerName localhost:8080


To access the server type '''<nowiki>http://localhost:8080/</nowiki>''' into your browser address bar.
To access the server type '''&lt;nowiki&gt;http://localhost:8080/&lt;/nowiki&gt;''' into your browser address bar.


If port already in use try any value above 2000
If port already in use try any value above 2000
Line 36: Line 44:


Add the directive '''AllowOverride All''' to the root folder. This directive means all Apache directives can be overridden or added.  
Add the directive '''AllowOverride All''' to the root folder. This directive means all Apache directives can be overridden or added.  
<pre>
&lt;pre&gt;
<Directory "/www">
&lt;Directory &quot;/www&quot;&gt;
   AllowOverride All
   AllowOverride All
   Order allow,deny  
   Order allow,deny  
   Allow from all  
   Allow from all  
</Directory>
&lt;/Directory&gt;
</pre>
&lt;/pre&gt;


'''''Note'':''' I have not added this directive to the main directory because putting it in the web root gives a slight speed advantage.
'''''Note'':''' I have not added this directive to the main directory because putting it in the web root gives a slight speed advantage.
Line 51: Line 59:


This file along with a similarly named password file shall not be viewable to restrict Internet user access add the following file restrictions.  
This file along with a similarly named password file shall not be viewable to restrict Internet user access add the following file restrictions.  
<pre>
&lt;pre&gt;
AccessFileName .htaccess
AccessFileName .htaccess


<Files ~ "^\.ht">
&lt;Files ~ &quot;^\.ht&quot;&gt;
     Order allow,deny
     Order allow,deny
     Deny from all
     Deny from all
</Files>
&lt;/Files&gt;
</pre>
&lt;/pre&gt;


'''''Note'':''' The password file will not be accessible since it is located outside of the root folder www. In this situation the above code is belt and braces however third party scripts may be using password files within the root folder hence keep the code as is.
'''''Note'':''' The password file will not be accessible since it is located outside of the root folder www. In this situation the above code is belt and braces however third party scripts may be using password files within the root folder hence keep the code as is.
Line 69: Line 77:
Basic authentication is dependent on three modules add the following directives to the modules section in httpd.conf.
Basic authentication is dependent on three modules add the following directives to the modules section in httpd.conf.


<pre>
&lt;pre&gt;
LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule authn_file_module modules/mod_authn_file.so
LoadModule authn_file_module modules/mod_authn_file.so
LoadModule authz_user_module modules/mod_authz_user.so
LoadModule authz_user_module modules/mod_authz_user.so
</pre>
&lt;/pre&gt;


The directives on their own are of little use unless you copy the three modules to folder *\udrive\usr\local\apache2\modules hence the reason for downloading a [[Mini Servers: Support and download#Apache| full copy of Apache]] allows you to pick the modules you require.     
The directives on their own are of little use unless you copy the three modules to folder *\udrive\usr\local\apache2\modules hence the reason for downloading a [[Mini Servers: Support and download#Apache| full copy of Apache]] allows you to pick the modules you require.     
Line 85: Line 93:
For security this file must be located outside of the server web root (folder www). Uniform server uses the following folder:
For security this file must be located outside of the server web root (folder www). Uniform server uses the following folder:


* '''<nowiki>*</nowiki>\udrive\htpasswd\www'''
* '''&lt;nowiki&gt;*&lt;/nowiki&gt;\udrive\htpasswd\www'''


You can change this to suite your own requirements I will stick with this only because it keeps commoality between the mini servers and Uniform Server 3.5-Apollo.
You can change this to suite your own requirements I will stick with this only because it keeps commoality between the mini servers and Uniform Server 3.5-Apollo.


Edit the file '''.htpasswd''' and add the following name:password pair:
Edit the file '''.htpasswd''' and add the following name:password pair:
<pre>
&lt;pre&gt;
root:root
root:root
</pre>
&lt;/pre&gt;


'''''Note'':''' Name may include spaces the password shall be something long and random e.g:
'''''Note'':''' Name may include spaces the password shall be something long and random e.g:
Line 103: Line 111:


Edit the file to look like this:
Edit the file to look like this:
<pre>
&lt;pre&gt;
AuthName "Uniform Server - Server Access"
AuthName &quot;Uniform Server - Server Access&quot;
AuthType Basic
AuthType Basic
AuthUserFile /htpasswd/www/.htpasswd
AuthUserFile /htpasswd/www/.htpasswd
Require valid-user
Require valid-user
</pre>
&lt;/pre&gt;


Note: '''AuthName''' the text between quotes will be displayed in the browser popup box
Note: '''AuthName''' the text between quotes will be displayed in the browser popup box
Line 114: Line 122:
'''''[[#top | Top]]'''''
'''''[[#top | Top]]'''''
=== Testing ===
=== Testing ===
Testing is straight forward restart the server and type '''<nowiki>http:/localhost:8083/</nowiki>''' into your browsers address bar.
Testing is straight forward restart the server and type '''&lt;nowiki&gt;http:/localhost:8083/&lt;/nowiki&gt;''' into your browsers address bar.


You will be challenged for a name and password enter '''root''' and '''root''' to display the index page.
You will be challenged for a name and password enter '''root''' and '''root''' to display the index page.


Before moving onto mod rewrite edit the .htacces file to look like
Before moving onto mod rewrite edit the .htacces file to look like
<pre>
&lt;pre&gt;
#AuthName "Uniform Server - Server Access"
#AuthName &quot;Uniform Server - Server Access&quot;
#AuthType Basic
#AuthType Basic
#AuthUserFile /htpasswd/www/.htpasswd
#AuthUserFile /htpasswd/www/.htpasswd
#Require valid-user
#Require valid-user
</pre>
&lt;/pre&gt;


with the lines commented out authentication is disabled.
with the lines commented out authentication is disabled.
Line 134: Line 142:
== How to add mod rewrite ==
== How to add mod rewrite ==
Mod rewrite has no dependencies add the following line to the modules section in httpd.conf.
Mod rewrite has no dependencies add the following line to the modules section in httpd.conf.
<pre>
&lt;pre&gt;
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule rewrite_module modules/mod_rewrite.so
</pre>
&lt;/pre&gt;


The directive instructs Apache to load mod rewrite when the server is restarted. Remember to copy the module '''mod_rewrite.so''' from the full download into folder *\udrive\usr\local\apache2\modules. Mod rewrite is extremely powerful and weights in at only 57K.
The directive instructs Apache to load mod rewrite when the server is restarted. Remember to copy the module '''mod_rewrite.so''' from the full download into folder *\udrive\usr\local\apache2\modules. Mod rewrite is extremely powerful and weights in at only 57K.
Line 146: Line 154:


'''''Tip'':''' When adding modules check the downloaded full package httpd.conf configuration file it lists the correct order for all modules.     
'''''Tip'':''' When adding modules check the downloaded full package httpd.conf configuration file it lists the correct order for all modules.     
<pre>
&lt;pre&gt;
# =================================================  
# =================================================  
# Modules  
# Modules  
Line 171: Line 179:
   HostnameLookups Off  
   HostnameLookups Off  
   ServerTokens Prod  
   ServerTokens Prod  
   ServerRoot "/usr/local/apache2"
   ServerRoot &quot;/usr/local/apache2&quot;
   DocumentRoot "/www"
   DocumentRoot &quot;/www&quot;
   PidFile /usr/local/apache2/logs/httpd.pid  
   PidFile /usr/local/apache2/logs/httpd.pid  
<IfModule mod_dir.c>
&lt;IfModule mod_dir.c&gt;
   DirectoryIndex index.html index.htm
   DirectoryIndex index.html index.htm
</IfModule>
&lt;/IfModule&gt;


# =================================================  
# =================================================  
Line 185: Line 193:
   MaxKeepAliveRequests 100  
   MaxKeepAliveRequests 100  
   KeepAliveTimeout 15  
   KeepAliveTimeout 15  
<IfModule mpm_winnt.c>
&lt;IfModule mpm_winnt.c&gt;
   ThreadsPerChild 64
   ThreadsPerChild 64
   MaxRequestsPerChild  0
   MaxRequestsPerChild  0
</IfModule>
&lt;/IfModule&gt;


# =================================================  
# =================================================  
# Access control  
# Access control  
# =================================================  
# =================================================  
<Directory />
&lt;Directory /&gt;
   Options None  
   Options None  
   AllowOverride None  
   AllowOverride None  
   Order deny,allow  
   Order deny,allow  
   Deny from all  
   Deny from all  
</Directory>
&lt;/Directory&gt;


<Directory "/www">
&lt;Directory &quot;/www&quot;&gt;
   AllowOverride All
   AllowOverride All
   Order allow,deny  
   Order allow,deny  
   Allow from all  
   Allow from all  
</Directory>
&lt;/Directory&gt;


AccessFileName .htaccess
AccessFileName .htaccess
Line 210: Line 218:
# files from being viewed by Web clients.
# files from being viewed by Web clients.


<Files ~ "^\.ht">
&lt;Files ~ &quot;^\.ht&quot;&gt;
     Order allow,deny
     Order allow,deny
     Deny from all
     Deny from all
</Files>
&lt;/Files&gt;
# =================================================  
# =================================================  
# MIME encoding  
# MIME encoding  
Line 224: Line 232:
# =================================================  
# =================================================  
   LogLevel warn  
   LogLevel warn  
   LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined  
   LogFormat &quot;%h %l %u %t \&quot;%r\&quot; %&gt;s %b \&quot;%{Referer}i\&quot; \&quot;%{User-Agent}i\&quot;&quot; combined  
   LogFormat "%h %l %u %t \"%r\" %>s %b" common  
   LogFormat &quot;%h %l %u %t \&quot;%r\&quot; %&gt;s %b&quot; common  
   LogFormat "%{Referer}i -> %U" referer  
   LogFormat &quot;%{Referer}i -&gt; %U&quot; referer  
   LogFormat "%{User-agent}i" agent  
   LogFormat &quot;%{User-agent}i&quot; agent  
   ErrorLog "logs/error_log"
   ErrorLog &quot;logs/error_log&quot;
   CustomLog "logs/access.log" combined
   CustomLog &quot;logs/access.log&quot; combined
# =================================================  
# =================================================  
</pre>
&lt;/pre&gt;


'''''[[#top | Top]]'''''
'''''[[#top | Top]]'''''
Line 239: Line 247:


=== Download ===
=== Download ===
Download this server from SourceForge [http://sourceforge.net/project/showfiles.php?group_id=53691&package_id=275691 Project Page] save the file '''mini_server_3.exe''' to any folder of your choice.
Download this server from SourceForge [http://sourceforge.net/project/showfiles.php?group_id=53691&amp;package_id=275691 Project Page] save the file '''mini_server_3.exe''' to any folder of your choice.


'''''Note'':''' Check out the mini server's [[Mini Servers: Support and download|support and download page]] detailing how to obtain full binaries for Apache, PHP and Perl.
'''''Note'':''' Check out the mini server's [[Mini Servers: Support and download|support and download page]] detailing how to obtain full binaries for Apache, PHP and Perl.
Line 259: Line 267:
# Start the server by double clicking on '''server_start.bat''' (automatically detects free drive letter creates new virtual drive and runs the server.)  
# Start the server by double clicking on '''server_start.bat''' (automatically detects free drive letter creates new virtual drive and runs the server.)  
# Start a web browser.
# Start a web browser.
# Type '''<nowiki>http://localhost:8083/</nowiki>''' into the browser address bar.
# Type '''&lt;nowiki&gt;http://localhost:8083/&lt;/nowiki&gt;''' into the browser address bar.
# An index page is displayed, check out the secure areas by clicking links '''secure1''' or''' secure2'''.
# An index page is displayed, check out the secure areas by clicking links '''secure1''' or''' secure2'''.
# Stop the server by double clicking on '''server_stop.bat'''
# Stop the server by double clicking on '''server_stop.bat'''
Line 278: Line 286:
Folder '''secure1''' is protected by the the following .htaccess file:
Folder '''secure1''' is protected by the the following .htaccess file:
      
      
<pre>
&lt;pre&gt;
AuthName "To give you a clue the following are the name:password pairs: John:21,
AuthName &quot;To give you a clue the following are the name:password pairs: John:21,
  Dave Smith:22 and Mike:23 these will take you to the private pages."
  Dave Smith:22 and Mike:23 these will take you to the private pages.&quot;
AuthType Basic
AuthType Basic
AuthUserFile /htpasswd/www/.htpasswd
AuthUserFile /htpasswd/www/.htpasswd
Line 301: Line 309:
RewriteCond %{REMOTE_user} ^Mike$
RewriteCond %{REMOTE_user} ^Mike$
RewriteRule (.*) /secure/Mike.html [R,L]
RewriteRule (.*) /secure/Mike.html [R,L]
</pre>
&lt;/pre&gt;


'''''Note'':''' Make sure to change the line '''AuthName''' to something like "Please login to your secure page" I included name/password pairs to make it easier to test.   
'''''Note'':''' Make sure to change the line '''AuthName''' to something like &quot;Please login to your secure page&quot; I included name/password pairs to make it easier to test.   


'''''[[#top | Top]]'''''
'''''[[#top | Top]]'''''
Line 314: Line 322:
Folder '''secure2''' is protected by the the following htaccess file:
Folder '''secure2''' is protected by the the following htaccess file:


<pre>
&lt;pre&gt;
AuthName "To give you a clue the following are the name:password pairs: Jane:41,
AuthName &quot;To give you a clue the following are the name:password pairs: Jane:41,
  Dawn:42 and Ruth Smith:43 these will take you to the private folders."
  Dawn:42 and Ruth Smith:43 these will take you to the private folders.&quot;
AuthType Basic
AuthType Basic
AuthUserFile /htpasswd/www/.htpasswd
AuthUserFile /htpasswd/www/.htpasswd
Line 337: Line 345:
RewriteCond %{REMOTE_user} ^Ruth\ Smith$
RewriteCond %{REMOTE_user} ^Ruth\ Smith$
RewriteRule  ^(.*) secure2/mpg3/$1 [R,L]
RewriteRule  ^(.*) secure2/mpg3/$1 [R,L]
</pre>
&lt;/pre&gt;


'''''Note'':''' Make sure to change the line '''AuthName''' to something like "Please login to your secure folder" I included name/password pairs to make it easier to test.  
'''''Note'':''' Make sure to change the line '''AuthName''' to something like &quot;Please login to your secure folder&quot; I included name/password pairs to make it easier to test.  


'''''[[#top | Top]]'''''
'''''[[#top | Top]]'''''

Revision as of 10:24, 24 November 2010



Page Is Unavailable Due To Site Maintenance, Please Visit Reserve Copy Page


CLICK HERE


Mini Servers:  Introduction | Support | Server 1 - Portable | Server 2 - Service | Server 3 - Portable Authentication | Server 4 - Portable Authen. SSL | Server 5 - SSL Standalone | Browsers dislike self-signed certificates | Server 6 - PHP 5.2.6 Portable | Server 7 - PHP 5.2.6 Service | Server 8 - MySQL Support | Guest Book | Server 9 - Perl 5.2.6 Portable | Server 10 - Perl 5.2.6 Service | Server 11 - MySQL 5.0.67 Portable | Server 12 - MySQL 5.0.67 Service | Server 13 - MySQL 4.1.22 Portable | Server 14 - MySQL 4.1.22 Service | phpMyAdmin - Mini support | MySQL - General problems

Mini Servers:
Compact but fully functional.
Apache 2.2.9 Portable - Authentication
Apache 2.2.9 Portable - Authentication

Mini Server 3 using Apache 2.2.9 Core

This mini server uses mini-server 1 as a starting point it shows how to increase this basic servers functionality. Being a demo server I have moved it to port 8083. Each additional piece of functionality is independent however where there are module dependencies I have highlighted these.

The following shows how to enable .htaccess, basic authentication and mod rewrite. Mod rewrite is used to enhance basic authentication.

Top

Moving the Server

If you need to run the server on a different port or virtual drive this is straight forward:

Change virtual drive

The server automatically detects the first free drive letter and uses that to run the server on. You can override this in one of two ways:

  1. Start the server using a drive parameter for example: server_start.bat z this forces the server to use drive z
  2. Edit server_start.bat, locate the following line:<br>&nbsp;&nbsp;rem set Disk=w <br>Remove the rem and replace w with the letter you want to use for example:<br>&nbsp;&nbsp;set Disk=x&nbsp; Forces the server to use drive letter x

Change server default port

  • Edit httpd.conf located in folder *\udrive\usr\local\apache2\conf locate these lines:
  • Listen 8083
  • ServerName localhost:8083
Change them as follows:
  • Listen 8080
  • ServerName localhost:8080

To access the server type <nowiki>http://localhost:8080/</nowiki> into your browser address bar.

If port already in use try any value above 2000

Top

How to enable htaccess

Apache uses additional configuration files these either override or add directives to the main configuration. Any changes made in these files unlike httpd.conf do not require a server re-start.

Add the directive AllowOverride All to the root folder. This directive means all Apache directives can be overridden or added. <pre> <Directory "/www">

 AllowOverride All
 Order allow,deny 
 Allow from all 

</Directory> </pre>

Note: I have not added this directive to the main directory because putting it in the web root gives a slight speed advantage.

File name:

Apache needs to know the file name of the designated additional configuration file. The name can be anything thing you like however by tradition its named .htacces its a good idea to stick with this. The directive to add the file name is AccessFileName .htaccess.

This file along with a similarly named password file shall not be viewable to restrict Internet user access add the following file restrictions. <pre> AccessFileName .htaccess

<Files ~ "^\.ht">

   Order allow,deny
   Deny from all

</Files> </pre>

Note: The password file will not be accessible since it is located outside of the root folder www. In this situation the above code is belt and braces however third party scripts may be using password files within the root folder hence keep the code as is.

That's all there is to enabling htaccess files, before you can use them the server must be restarted to pick up the new main configuration file. At this stage if you place either authentication or mode rewrite directives in the htaccess file andrun the server it will cause Apache to spit out misconfiguration errors. To use these directives the appropriate modules must be included in the main configuration file httpd.conf these are covered in the following sections.

Top

How to add authentication

Basic authentication is dependent on three modules add the following directives to the modules section in httpd.conf.

<pre> LoadModule auth_basic_module modules/mod_auth_basic.so LoadModule authn_file_module modules/mod_authn_file.so LoadModule authz_user_module modules/mod_authz_user.so </pre>

The directives on their own are of little use unless you copy the three modules to folder *\udrive\usr\local\apache2\modules hence the reason for downloading a full copy of Apache allows you to pick the modules you require.

Note: After adding modules always restart the server otherwise Apache will not be able to pick up the new configuration..

Top

Add password folder

Basic authentication uses name and password pairs these are stored in a text file named .htpasswd however you can use any name you like again convention dictates .htpasswd hence best to use that.

For security this file must be located outside of the server web root (folder www). Uniform server uses the following folder:

  • <nowiki>*</nowiki>\udrive\htpasswd\www

You can change this to suite your own requirements I will stick with this only because it keeps commoality between the mini servers and Uniform Server 3.5-Apollo.

Edit the file .htpasswd and add the following name:password pair: <pre> root:root </pre>

Note: Name may include spaces the password shall be something long and random e.g:

  • John Smith:x5Wl8df6a29
  • Mike:Qn67sG8k2

Top

htaccess file

Before we can test copy an .htaccess file to folder www the one from Uniform Server will do.

Edit the file to look like this: <pre> AuthName "Uniform Server - Server Access" AuthType Basic AuthUserFile /htpasswd/www/.htpasswd Require valid-user </pre>

Note: AuthName the text between quotes will be displayed in the browser popup box

Top

Testing

Testing is straight forward restart the server and type <nowiki>http:/localhost:8083/</nowiki> into your browsers address bar.

You will be challenged for a name and password enter root and root to display the index page.

Before moving onto mod rewrite edit the .htacces file to look like <pre>

  1. AuthName "Uniform Server - Server Access"
  2. AuthType Basic
  3. AuthUserFile /htpasswd/www/.htpasswd
  4. Require valid-user

</pre>

with the lines commented out authentication is disabled.

Alternatively delete the file its not required since we are going to protect specific folders.

Top

How to add mod rewrite

Mod rewrite has no dependencies add the following line to the modules section in httpd.conf. <pre> LoadModule rewrite_module modules/mod_rewrite.so </pre>

The directive instructs Apache to load mod rewrite when the server is restarted. Remember to copy the module mod_rewrite.so from the full download into folder *\udrive\usr\local\apache2\modules. Mod rewrite is extremely powerful and weights in at only 57K.

Top

Mini server httpd.conf

Our complete configuration file is shown below some modules are inter dependent because of this their order is important.

Tip: When adding modules check the downloaded full package httpd.conf configuration file it lists the correct order for all modules. <pre>

  1. =================================================
  2. Modules
  3. =================================================

LoadModule auth_basic_module modules/mod_auth_basic.so LoadModule authn_file_module modules/mod_authn_file.so LoadModule authz_user_module modules/mod_authz_user.so

LoadModule authz_host_module modules/mod_authz_host.so LoadModule dir_module modules/mod_dir.so LoadModule log_config_module modules/mod_log_config.so LoadModule mime_module modules/mod_mime.so

LoadModule rewrite_module modules/mod_rewrite.so

  1. =================================================
  2. Basic settings
  3. =================================================
 Listen 8083 
 ServerName localhost:8083
 ServerAdmin fred@www.somedomain.com 
 UseCanonicalName Off 
 ServerSignature Off 
 HostnameLookups Off 
 ServerTokens Prod 
 ServerRoot "/usr/local/apache2"
 DocumentRoot "/www" 
 PidFile /usr/local/apache2/logs/httpd.pid 

<IfModule mod_dir.c>

  DirectoryIndex index.html index.htm

</IfModule>

  1. =================================================
  2. HTTP and performance settings
  3. =================================================
 Timeout 300 
 KeepAlive On 
 MaxKeepAliveRequests 100 
 KeepAliveTimeout 15 

<IfModule mpm_winnt.c>

  ThreadsPerChild 64
  MaxRequestsPerChild  0

</IfModule>

  1. =================================================
  2. Access control
  3. =================================================

<Directory />

 Options None 
 AllowOverride None 
 Order deny,allow 
 Deny from all 

</Directory>

<Directory "/www">

 AllowOverride All
 Order allow,deny 
 Allow from all 

</Directory>

AccessFileName .htaccess

  1. The following lines prevent .htaccess and .htpasswd
  2. files from being viewed by Web clients.

<Files ~ "^\.ht">

   Order allow,deny
   Deny from all

</Files>

  1. =================================================
  2. MIME encoding
  3. =================================================

DefaultType text/plain

 TypesConfig /usr/local/apache2/conf/mime.types 
  1. =================================================
  2. Logs: debug, info, notice, warn, error, crit
  3. =================================================
 LogLevel warn 
 LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined 
 LogFormat "%h %l %u %t \"%r\" %>s %b" common 
 LogFormat "%{Referer}i -> %U" referer 
 LogFormat "%{User-agent}i" agent 
 ErrorLog "logs/error_log" 
 CustomLog "logs/access.log" combined
  1. =================================================

</pre>

Top

Support files

Each mini server is complete and zipped into a single self-extracting archive file.

Download

Download this server from SourceForge Project Page save the file mini_server_3.exe to any folder of your choice.

Note: Check out the mini server's support and download page detailing how to obtain full binaries for Apache, PHP and Perl.

Top

Extract files

Double click on mini_server_3.exe, starts the extraction process. No need to change the folder destination, click extract, this creates a new folder mini_server_3 containing two files and one folder.

  1. server_start.bat - Double click to start the server
  2. server_stop.bat - Double click to stop server
  3. udrive - Folder containing server and your web site.

Top

Test

Testing is straight forward.

  1. Start the server by double clicking on server_start.bat (automatically detects free drive letter creates new virtual drive and runs the server.)
  2. Start a web browser.
  3. Type <nowiki>http://localhost:8083/</nowiki> into the browser address bar.
  4. An index page is displayed, check out the secure areas by clicking links secure1 or secure2.
  5. Stop the server by double clicking on server_stop.bat

Note 1: If you need to change the server port from 8083 edit httpd.conf accordingly..

Top

Authentication

I have added two examples to demonstrate the use of htaccess files to protect folders using basic authentication which in turn are enhanced by mod rewrite. A full write-up of this concept can be found on this page Basic authentication and redirection

Top

Secure1

From the main index page click on the secure1 link. This takes you to a protected folder where you will be challenged for a name and password. Enter one of the name/password pairs shown, you will be able to view a single personal page. Each page contain cross links to other personal pages see what happens when you click one of these links.

Note: To re-log in you must restart your browser.

Folder secure1 is protected by the the following .htaccess file:

<pre> AuthName "To give you a clue the following are the name:password pairs: John:21,

Dave Smith:22 and Mike:23 these will take you to the private pages."

AuthType Basic AuthUserFile /htpasswd/www/.htpasswd Require valid-user

Options +FollowSymLinks

  1. Options +Indexes

RewriteEngine On RewriteBase /

RewriteCond $1 !^John\.html RewriteCond %{REMOTE_user} ^John$ RewriteRule (.*) /secure/John.html [R,L]

RewriteCond $1 !^Dave\.html RewriteCond %{REMOTE_user} ^Dave\ Smith$ RewriteRule (.*) /secure/Dave.html [R,L]

RewriteCond $1 !^Mike\.html RewriteCond %{REMOTE_user} ^Mike$ RewriteRule (.*) /secure/Mike.html [R,L] </pre>

Note: Make sure to change the line AuthName to something like "Please login to your secure page" I included name/password pairs to make it easier to test.

Top

Secure2

From the main index page click on the secure2 link. This takes you to a protected folder where you will be challenged for a name and password. Enter one of the name/password pairs shown, you will be able to view the contents of a personal folder. Each personal index page contain cross links to other personal folders see what happens when you click one of these links.

Note: To re-log in you must restart your browser.

Folder secure2 is protected by the the following htaccess file:

<pre> AuthName "To give you a clue the following are the name:password pairs: Jane:41,

Dawn:42 and Ruth Smith:43 these will take you to the private folders."

AuthType Basic AuthUserFile /htpasswd/www/.htpasswd Require valid-user

Options +FollowSymLinks RewriteEngine On RewriteBase /

RewriteEngine on RewriteCond $1 !^mpg1/ RewriteCond %{REMOTE_user} ^Jane$ RewriteRule ^(.*) secure2/mpg1/$1 [R,L]

RewriteCond $1 !^mpg2/ RewriteCond %{REMOTE_user} ^Dawn$ RewriteRule ^(.*) secure2/mpg2/$1 [R,L]

RewriteCond $1 !^mpg3/ RewriteCond %{REMOTE_user} ^Ruth\ Smith$ RewriteRule ^(.*) secure2/mpg3/$1 [R,L] </pre>

Note: Make sure to change the line AuthName to something like "Please login to your secure folder" I included name/password pairs to make it easier to test.

Top

Multi Servers

If you wish to run several mini servers at the same time create a new folder for each server and copy folder mini_server_3 into each of these.

Change the server port for each server to be unique. The servers may be started in any order.

Note: You can run the mini servers alongside Uniform Server 3.5-Apollo however you must start Uniform Server first.

Top

Summary

These mini-servers are indented to show you how to build in functionality as and when required, primarily to remove bloat and increase security. You now have a basic server with the capability of of mod rewrite and basic authentication to protect individual folders.

The real problem with this protection it is not secure, name/password pairs including pages are sent unencrypted. This plain text can easily be intercepted exposing your passwords. The next server (Mini Server 4) in this series addresses this major issue by adding SSL.

Top


Ric