Cesar Chew at 17:47, 24 November 2014

2014-11-24T17:47:19Z

New page

{{Cat|Apache|03}}

<slideshow style="nobleprog" headingmark="⌘" incmark="…" scaled="true" font="Trebuchet MS" >
;title: Apache Basic Auth and Controlling Access
;author: Sam Bashton (NobleProg Ltd)

</slideshow>
=== Basic Auth ⌘===
* Basic authentication is built into HTTP
* Sends a hash of username:password in the HTTP header
* Also works over HTTPS
* It requires no modification of any code
* User interaction handled by the browser
=== Configuring HTTP auth in Apache ⌘===
* First, we need to create a password file and add a user
```
$ htpasswd -mc /etc/httpd/htpasswd example
```
* This creates the file /etc/httpd/htpasswd file, with the user 'example'
* Do this **only when creating a new password file**
* To add more users (in this case **example2**:
```
htpasswd -m /etc/httpd/htpasswd example2
```
=== Requiring authentication ⌘===
* In the vhost config, add a Location section
```
<Location />
AuthType Basic
AuthName "Authentication"
AuthUserFile /etc/httpd/htpasswd
Require valid-user
</Location>
```
=== Limiting access by IP ⌘===
* You can also limit by IP address
```
<Location />
Order allow,deny
Allow from 192.168.1.1
Deny from all
</Location>
```
=== Requiring a password only to some IPs ⌘===
* All everyone from a certain set of IPs access without a username/password
* Require that anyone accessing from outside must supply username/password
```
<Location />
AuthType Basic
AuthName "Authentication"
AuthUserFile /etc/httpd/htpasswd
Require valid-user
Allow from 192.168.1.1
Deny from all
Satisfy any
</Location>
```
=== Exercise ⌘===
* Make the virtualhost specified in /etc/httpd/conf.d/example.conf require a username + password

Apache Basic Auth and Controlling Access - Revision history

Cesar Chew at 17:47, 24 November 2014