Mini Servers: Apache 2.2.9 Portable - Authentication: Difference between revisions
Mini Servers: Apache 2.2.9 Portable - Authentication (view source)
Revision as of 17:36, 24 November 2010
, 24 November 2010Reverted edits by Upazixorys (Talk); changed back to last version by Ric
Upazixorys (talk | contribs) No edit summary |
m (Reverted edits by Upazixorys (Talk); changed back to last version by Ric) |
||
Line 1: | Line 1: | ||
{{Uc nav mini servers}} | {{Uc nav mini servers}} | ||
[[Image:Uc_mini_1a.gif|Apache 2.2.9 Portable - Authentication|right]]'''Mini Server 3 using Apache 2.2.9 Core''' | [[Image:Uc_mini_1a.gif|Apache 2.2.9 Portable - Authentication|right]]'''Mini Server 3 using Apache 2.2.9 Core''' | ||
Line 23: | Line 15: | ||
# Start the server using a drive parameter for example: '''server_start.bat z''' this forces the server to use drive z | # Start the server using a drive parameter for example: '''server_start.bat z''' this forces the server to use drive z | ||
# Edit server_start.bat, locate the following line: | # Edit server_start.bat, locate the following line:<br> '''rem set Disk=w''' <br>Remove the rem and replace w with the letter you want to use for example:<br> '''set Disk=x''' Forces the server to use drive letter x | ||
=== Change server default port === | === Change server default port === | ||
Line 34: | Line 26: | ||
:* ServerName localhost:8080 | :* ServerName localhost:8080 | ||
To access the server type ''' | To access the server type '''<nowiki>http://localhost:8080/</nowiki>''' into your browser address bar. | ||
If port already in use try any value above 2000 | If port already in use try any value above 2000 | ||
Line 44: | Line 36: | ||
Add the directive '''AllowOverride All''' to the root folder. This directive means all Apache directives can be overridden or added. | Add the directive '''AllowOverride All''' to the root folder. This directive means all Apache directives can be overridden or added. | ||
<pre> | |||
<Directory "/www"> | |||
AllowOverride All | AllowOverride All | ||
Order allow,deny | Order allow,deny | ||
Allow from all | Allow from all | ||
</Directory> | |||
</pre> | |||
'''''Note'':''' I have not added this directive to the main directory because putting it in the web root gives a slight speed advantage. | '''''Note'':''' I have not added this directive to the main directory because putting it in the web root gives a slight speed advantage. | ||
Line 59: | Line 51: | ||
This file along with a similarly named password file shall not be viewable to restrict Internet user access add the following file restrictions. | This file along with a similarly named password file shall not be viewable to restrict Internet user access add the following file restrictions. | ||
<pre> | |||
AccessFileName .htaccess | AccessFileName .htaccess | ||
<Files ~ "^\.ht"> | |||
Order allow,deny | Order allow,deny | ||
Deny from all | Deny from all | ||
</Files> | |||
</pre> | |||
'''''Note'':''' The password file will not be accessible since it is located outside of the root folder www. In this situation the above code is belt and braces however third party scripts may be using password files within the root folder hence keep the code as is. | '''''Note'':''' The password file will not be accessible since it is located outside of the root folder www. In this situation the above code is belt and braces however third party scripts may be using password files within the root folder hence keep the code as is. | ||
Line 77: | Line 69: | ||
Basic authentication is dependent on three modules add the following directives to the modules section in httpd.conf. | Basic authentication is dependent on three modules add the following directives to the modules section in httpd.conf. | ||
<pre> | |||
LoadModule auth_basic_module modules/mod_auth_basic.so | LoadModule auth_basic_module modules/mod_auth_basic.so | ||
LoadModule authn_file_module modules/mod_authn_file.so | LoadModule authn_file_module modules/mod_authn_file.so | ||
LoadModule authz_user_module modules/mod_authz_user.so | LoadModule authz_user_module modules/mod_authz_user.so | ||
</pre> | |||
The directives on their own are of little use unless you copy the three modules to folder *\udrive\usr\local\apache2\modules hence the reason for downloading a [[Mini Servers: Support and download#Apache| full copy of Apache]] allows you to pick the modules you require. | The directives on their own are of little use unless you copy the three modules to folder *\udrive\usr\local\apache2\modules hence the reason for downloading a [[Mini Servers: Support and download#Apache| full copy of Apache]] allows you to pick the modules you require. | ||
Line 93: | Line 85: | ||
For security this file must be located outside of the server web root (folder www). Uniform server uses the following folder: | For security this file must be located outside of the server web root (folder www). Uniform server uses the following folder: | ||
* ''' | * '''<nowiki>*</nowiki>\udrive\htpasswd\www''' | ||
You can change this to suite your own requirements I will stick with this only because it keeps commoality between the mini servers and Uniform Server 3.5-Apollo. | You can change this to suite your own requirements I will stick with this only because it keeps commoality between the mini servers and Uniform Server 3.5-Apollo. | ||
Edit the file '''.htpasswd''' and add the following name:password pair: | Edit the file '''.htpasswd''' and add the following name:password pair: | ||
<pre> | |||
root:root | root:root | ||
</pre> | |||
'''''Note'':''' Name may include spaces the password shall be something long and random e.g: | '''''Note'':''' Name may include spaces the password shall be something long and random e.g: | ||
Line 111: | Line 103: | ||
Edit the file to look like this: | Edit the file to look like this: | ||
<pre> | |||
AuthName | AuthName "Uniform Server - Server Access" | ||
AuthType Basic | AuthType Basic | ||
AuthUserFile /htpasswd/www/.htpasswd | AuthUserFile /htpasswd/www/.htpasswd | ||
Require valid-user | Require valid-user | ||
</pre> | |||
Note: '''AuthName''' the text between quotes will be displayed in the browser popup box | Note: '''AuthName''' the text between quotes will be displayed in the browser popup box | ||
Line 122: | Line 114: | ||
'''''[[#top | Top]]''''' | '''''[[#top | Top]]''''' | ||
=== Testing === | === Testing === | ||
Testing is straight forward restart the server and type ''' | Testing is straight forward restart the server and type '''<nowiki>http:/localhost:8083/</nowiki>''' into your browsers address bar. | ||
You will be challenged for a name and password enter '''root''' and '''root''' to display the index page. | You will be challenged for a name and password enter '''root''' and '''root''' to display the index page. | ||
Before moving onto mod rewrite edit the .htacces file to look like | Before moving onto mod rewrite edit the .htacces file to look like | ||
<pre> | |||
#AuthName | #AuthName "Uniform Server - Server Access" | ||
#AuthType Basic | #AuthType Basic | ||
#AuthUserFile /htpasswd/www/.htpasswd | #AuthUserFile /htpasswd/www/.htpasswd | ||
#Require valid-user | #Require valid-user | ||
</pre> | |||
with the lines commented out authentication is disabled. | with the lines commented out authentication is disabled. | ||
Line 142: | Line 134: | ||
== How to add mod rewrite == | == How to add mod rewrite == | ||
Mod rewrite has no dependencies add the following line to the modules section in httpd.conf. | Mod rewrite has no dependencies add the following line to the modules section in httpd.conf. | ||
<pre> | |||
LoadModule rewrite_module modules/mod_rewrite.so | LoadModule rewrite_module modules/mod_rewrite.so | ||
</pre> | |||
The directive instructs Apache to load mod rewrite when the server is restarted. Remember to copy the module '''mod_rewrite.so''' from the full download into folder *\udrive\usr\local\apache2\modules. Mod rewrite is extremely powerful and weights in at only 57K. | The directive instructs Apache to load mod rewrite when the server is restarted. Remember to copy the module '''mod_rewrite.so''' from the full download into folder *\udrive\usr\local\apache2\modules. Mod rewrite is extremely powerful and weights in at only 57K. | ||
Line 154: | Line 146: | ||
'''''Tip'':''' When adding modules check the downloaded full package httpd.conf configuration file it lists the correct order for all modules. | '''''Tip'':''' When adding modules check the downloaded full package httpd.conf configuration file it lists the correct order for all modules. | ||
<pre> | |||
# ================================================= | # ================================================= | ||
# Modules | # Modules | ||
Line 179: | Line 171: | ||
HostnameLookups Off | HostnameLookups Off | ||
ServerTokens Prod | ServerTokens Prod | ||
ServerRoot | ServerRoot "/usr/local/apache2" | ||
DocumentRoot | DocumentRoot "/www" | ||
PidFile /usr/local/apache2/logs/httpd.pid | PidFile /usr/local/apache2/logs/httpd.pid | ||
<IfModule mod_dir.c> | |||
DirectoryIndex index.html index.htm | DirectoryIndex index.html index.htm | ||
</IfModule> | |||
# ================================================= | # ================================================= | ||
Line 193: | Line 185: | ||
MaxKeepAliveRequests 100 | MaxKeepAliveRequests 100 | ||
KeepAliveTimeout 15 | KeepAliveTimeout 15 | ||
<IfModule mpm_winnt.c> | |||
ThreadsPerChild 64 | ThreadsPerChild 64 | ||
MaxRequestsPerChild 0 | MaxRequestsPerChild 0 | ||
</IfModule> | |||
# ================================================= | # ================================================= | ||
# Access control | # Access control | ||
# ================================================= | # ================================================= | ||
<Directory /> | |||
Options None | Options None | ||
AllowOverride None | AllowOverride None | ||
Order deny,allow | Order deny,allow | ||
Deny from all | Deny from all | ||
</Directory> | |||
<Directory "/www"> | |||
AllowOverride All | AllowOverride All | ||
Order allow,deny | Order allow,deny | ||
Allow from all | Allow from all | ||
</Directory> | |||
AccessFileName .htaccess | AccessFileName .htaccess | ||
Line 218: | Line 210: | ||
# files from being viewed by Web clients. | # files from being viewed by Web clients. | ||
<Files ~ "^\.ht"> | |||
Order allow,deny | Order allow,deny | ||
Deny from all | Deny from all | ||
</Files> | |||
# ================================================= | # ================================================= | ||
# MIME encoding | # MIME encoding | ||
Line 232: | Line 224: | ||
# ================================================= | # ================================================= | ||
LogLevel warn | LogLevel warn | ||
LogFormat | LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined | ||
LogFormat | LogFormat "%h %l %u %t \"%r\" %>s %b" common | ||
LogFormat | LogFormat "%{Referer}i -> %U" referer | ||
LogFormat | LogFormat "%{User-agent}i" agent | ||
ErrorLog | ErrorLog "logs/error_log" | ||
CustomLog | CustomLog "logs/access.log" combined | ||
# ================================================= | # ================================================= | ||
</pre> | |||
'''''[[#top | Top]]''''' | '''''[[#top | Top]]''''' | ||
Line 247: | Line 239: | ||
=== Download === | === Download === | ||
Download this server from SourceForge [http://sourceforge.net/project/showfiles.php?group_id=53691& | Download this server from SourceForge [http://sourceforge.net/project/showfiles.php?group_id=53691&package_id=275691 Project Page] save the file '''mini_server_3.exe''' to any folder of your choice. | ||
'''''Note'':''' Check out the mini server's [[Mini Servers: Support and download|support and download page]] detailing how to obtain full binaries for Apache, PHP and Perl. | '''''Note'':''' Check out the mini server's [[Mini Servers: Support and download|support and download page]] detailing how to obtain full binaries for Apache, PHP and Perl. | ||
Line 267: | Line 259: | ||
# Start the server by double clicking on '''server_start.bat''' (automatically detects free drive letter creates new virtual drive and runs the server.) | # Start the server by double clicking on '''server_start.bat''' (automatically detects free drive letter creates new virtual drive and runs the server.) | ||
# Start a web browser. | # Start a web browser. | ||
# Type ''' | # Type '''<nowiki>http://localhost:8083/</nowiki>''' into the browser address bar. | ||
# An index page is displayed, check out the secure areas by clicking links '''secure1''' or''' secure2'''. | # An index page is displayed, check out the secure areas by clicking links '''secure1''' or''' secure2'''. | ||
# Stop the server by double clicking on '''server_stop.bat''' | # Stop the server by double clicking on '''server_stop.bat''' | ||
Line 286: | Line 278: | ||
Folder '''secure1''' is protected by the the following .htaccess file: | Folder '''secure1''' is protected by the the following .htaccess file: | ||
<pre> | |||
AuthName | AuthName "To give you a clue the following are the name:password pairs: John:21, | ||
Dave Smith:22 and Mike:23 these will take you to the private pages. | Dave Smith:22 and Mike:23 these will take you to the private pages." | ||
AuthType Basic | AuthType Basic | ||
AuthUserFile /htpasswd/www/.htpasswd | AuthUserFile /htpasswd/www/.htpasswd | ||
Line 309: | Line 301: | ||
RewriteCond %{REMOTE_user} ^Mike$ | RewriteCond %{REMOTE_user} ^Mike$ | ||
RewriteRule (.*) /secure/Mike.html [R,L] | RewriteRule (.*) /secure/Mike.html [R,L] | ||
</pre> | |||
'''''Note'':''' Make sure to change the line '''AuthName''' to something like | '''''Note'':''' Make sure to change the line '''AuthName''' to something like "Please login to your secure page" I included name/password pairs to make it easier to test. | ||
'''''[[#top | Top]]''''' | '''''[[#top | Top]]''''' | ||
Line 322: | Line 314: | ||
Folder '''secure2''' is protected by the the following htaccess file: | Folder '''secure2''' is protected by the the following htaccess file: | ||
<pre> | |||
AuthName | AuthName "To give you a clue the following are the name:password pairs: Jane:41, | ||
Dawn:42 and Ruth Smith:43 these will take you to the private folders. | Dawn:42 and Ruth Smith:43 these will take you to the private folders." | ||
AuthType Basic | AuthType Basic | ||
AuthUserFile /htpasswd/www/.htpasswd | AuthUserFile /htpasswd/www/.htpasswd | ||
Line 345: | Line 337: | ||
RewriteCond %{REMOTE_user} ^Ruth\ Smith$ | RewriteCond %{REMOTE_user} ^Ruth\ Smith$ | ||
RewriteRule ^(.*) secure2/mpg3/$1 [R,L] | RewriteRule ^(.*) secure2/mpg3/$1 [R,L] | ||
</pre> | |||
'''''Note'':''' Make sure to change the line '''AuthName''' to something like | '''''Note'':''' Make sure to change the line '''AuthName''' to something like "Please login to your secure folder" I included name/password pairs to make it easier to test. | ||
'''''[[#top | Top]]''''' | '''''[[#top | Top]]''''' |