Apache :: Configuration To Setup Password For Website
Jul 8, 2013
I want to setup a password for a website running on Ubuntu server, and find Apache can be used. It is implemented by config httpd.conf file and .htaccess file.
So I want to ask:
1. In this case, the password is setup for a path on the server configured in httpd.conf file. Like in the following example:
Code: <Directory "/var/www/html/MySite">
The password is setup for the path to Mysite,right?
2. If my content of website is not stored under /var/www folder, I cannot use this way to setup a password for website, right? May use PHP instead?
TEST 1: Without <FilesMatch> directive, the headers are set to all requested content as it should. This includes content served from apache server and content from a separate application server.
TEST 2: If I use the above configuration example, I can see that static content comes with correct headers only
to build a website (there is a team working on the software, and planning to go live in March). I decided to go for a 1/4 rack in a local colo.
Here is what I think I need (maybe missed something):
1-2 webservers (asp.net app) 1 database server (mssql 2005)
A few questions:
1. Choosing between VPN and firewall, I'm leaning towards VPN. Colo has its own firewall to connect to get into its network. Does it make sense to go with VPN or should I go for a firewall?
2. I'm thinking to go for DL360 G3 with 3GB RAM for webservers and DL580 G4 with 8GB RAM for database server. Does it make sense? Can you recommend where to buy it from?
3. Do I need to buy a 1U switch or a simple switchbox is enough? Which switch would you recommend?
4. What about Load Balancing? I don't want to go for an expensive solution until the website picks up. But I do realize that I'll need Load Balancer at some point. What would you recommend to do?
I'm assuming the setup I'm looking for is pretty standard, but don't have experience with setting it up. Any advice/help is very much appreciated.
I'm trying to allow part of a website to be secure and prompt for a password that can be access by a user/password.
I'm running Win 2003 server and IIS 6.0
I have my website running fine.
This is what I wanted to do. Allow the main page to be accessed by all.
Part of the site needs to be secure and allow access to people only with a password.
I thought I would be able to do this by creating a user with a password on the windows machine just like I have created users with FTP accounts that are logging in and using the FTP service fine.
However, when I limit access to the folders. When I try to access it by internet it comes up with a user/pass box as I thought it would, but when I try to access it with the user/pass for a user that can auth fine for the win FTP service it doesn't accept it.
how I can do this in IIS to allow secure access to part of a site and allow them to auth to login to part of the site only ?
We had written a free file sharing website like rapidshare,2shared,4shared n .... .
We let people add as many file as they want to upload. People also search and browse among files.
Do we need a dedicated server or a dedicated VPS ?
How much should the configuration be? i mean How much Ram?
We need to add extra hard disks in the close future.
Maybe sometime we need to add clustering and ... .
Please tell me in detail about the initial configuration needed to run this website so we ll be sure that the site will never be down or lacks of hard disk and ram or CPU.
and tell me your experience in best dedicated services with online support which will be good friends.
We are hosting provider. I running Plesk 11 on Window 2008 64 bit. I have a website error as flow
HTTP Error 404.3 - Not Found
The page you are requesting cannot be served because of the extension configuration. If the page is a script, add a handler. If the file should be downloaded, add a MIME map.
We are moving our website to an in-house server that's going to be on the windows server 2003 OS. However, I am concerned that our current connection speed may not be enough to promptly serve our customers.
We currently have 10 megs download, 512k upload.
Our server is the following:
Quad-core Xeon at 1.8 4 gigs of ram 2x 15k rpm 160 gig hard drives in raid 1 configuration
Anyways, at any given time we may have up to 10 people on our website. Our pages average between 60KB and 120KB each.
Would this system and internet connection support our needs? Do we need to upgrade the internet connection? If so what would you recommend?
I've been setting up name server for my website. I'm using Centos 5, but never get it works.
Here what i have done so far: yum install named Then i create named.conf in /etc
PHP Code:
options { version "Version Secured"; directory "/var/named"; /* * If there is a firewall between you and nameservers you want * to talk to, you might need to uncomment the query-source * directive below. Previous versions of BIND always asked * questions using port 53, but BIND 8.1 uses an unprivileged * port by default. */ // query-source address * port 53; recursion no;};logging { category lame-servers { null; };};//// a caching only nameserver config//controls { inet 127.0.0.1 allow { localhost; } keys { rndckey; };};zone "." IN { type hint; file "named.ca";};zone "localhost" IN { type master; file "localhost.zone"; allow-update { none; };};zone "0.0.127.in-addr.arpa" IN { type master; file "named.local"; allow-update { none; };};include "/etc/rndc.key";zone "glueg99.com" { type master; file "/var/named/glueg99.com.db"; };
I created glueg99.com.db in /var/named
PHP Code:
$TTL 14400@ IN SOA ns1.glueg99.com. root.glueg99.com. ( 2007081300 14400 3600 1209600 86400 )glueg99.com. 14400 IN NS ns1.glueg99.com.ftp 14400 IN A 209.99.56.22localhost 14400 IN A 127.0.0.1mail 14400 IN A 209.99.56.22pop 14400 IN A 209.99.56.22glueg99.com. 14400 IN A 209.99.56.22www 14400 IN A 209.99.56.22glueg99.com. 14400 IN MX 10 mailglueg99.com. 14400 IN TXT "v=spf1 a mx ip4:209.99.56.22 ?all"
When i start 'named' (service named restart), it tells me these errors:
PHP Code:
[root@v named]# service named restartStopping named: [FAILED]Starting named:Error in named configuration:zone localhost/IN: loading master file localhost.zone: file not found_default/localhost/IN: file not foundzone 0.0.127.in-addr.arpa/IN: loading master file named.local: file not found_default/0.0.127.in-addr.arpa/IN: file not foundzone glueg99.com/IN: loaded serial 2007081300 [FAILED]
My website has been down and i am so frustrate about it. I don't like to use free NS from other sites, i'd rather set up my own NS.
Hotmail doesn't work. The email filtering technologies are still broken 18 months after the original problems were found with their implementation. And now it looks like they've stopped supporting it.
Seriously, does anyone know if the email filtering team at Microsoft has just given up on responding to requests and complaints? We've just deployed two new servers and both are blocked for delivering email to clients Hotmail/MSN/Live.com accounts.
The following steps have been taken:
1. Our DNS has been tested and checked using DNSstuff.com services.
2. Our server IP addresses checked to ensure they do not appear in any blacklists.
3. rDNS correctly setup for hostnames and mailserver names.
4. All our email is signed using DomainKeys.
5. All our domain names have published SPF records.
6. All our domain names have valid abuse@ and postmaster@ email addresses.
7. We have emailed senderid@microsoft.com notifying them as requested on postmaster.msn.com of our published SPF records.
8. We have even completed the senderid support form providing further notification here: [url]
9. I have contacted the technical support team using the contact form on [url] witn absolutely no success.
Two weeks later I've made no progress whatsoever beyond receiving a request to complete a survey rating the non-existent support I have received. (No human has responded to any of my messages) And all our messages to Hotmail are still disappearing into the email filtering black-hole.
At this point I'm starting to wonder if Hotmail is even usable as an email service anymore. I doubt many people will be bothering to jump through all the hoops I am to resolve this issue. I dread to think how much legitimate email is getting caught up in the Microsoft email filtering black-hole - never providing any notification or information to senders their messages were not delivered.
Meanwhile, our email arrives perfectly in Yahoo/Gmail who both pass our SPF records and DomainKeys signatures. Oh, and we're not engaging in any email marketing practises (i.e. spam).
I don't know I was clearly enough in the title, the problem is that one of my clients has his own mailserver, I host only his website, and he uses a local server for emails.
For the rest of websites which are hosted on this server, everything is ok, intodns.com reports this message :
You have reverse (PTR) records for all your IPs, that is a good thing.
But for the website which has the mailserver on another server it fails the PTR test on intodns.com
ERROR: No reverse DNS (PTR) entries. The problem MX records are: 2.218.77.82.in-addr.arpa -> no reverse (PTR) detected You should contact your ISP and ask him to add a PTR record for your ips
I have checked Tailor Made Servers control panel, and I have the option to set Reverse DNS for every IP alocated on my server, and for now all the websites (30) shares the same IP ..
IIS 7.0 - I host several websites. On one of them, the email is hosted externally and not through my exchange server. I have added an MX record to point to the mail server for this domain, but I still get an error when I attempt to send an email from within my local area network. There are no problems with emails generated outside my network, but for emails generated to this domain from within my network, I get the following error:
The e-mail account does not exist at the organization this message was sent to. Check the e-mail address, or contact the recipient directly to find out the correct address. <mail.<mydomain>.com #5.1.1>
Incidentally, the <mydomain> value does not match the domain for this email domain.
Instead it is the primary domain that I host.
I know that this must be a DNS issue, but I'm not sure how to correct.
I'm pretty new to Plesk and would like to setup a testing wordpress website without changing DNS yet. I assume I need to create a webspace for it. But do I use actual domain or an IP address? Wordpress ties up to the domain as far as I know.
I am unable to get A username and password requested by http://127.0.0.1:8080. "Tomcat Manager Application"..I created userid and password in tomcat-users.x.
I would to use: htdigest -c filename.htpasswd Group usernamein file batch to insert a set of users with password.I can use it without having to enter the password from the keyboard?I tried echo pass| htdigest -c filename.htpasswd Group username but it does not work.
Is this possible to log username and password passed by GET request for basic authentication?I generate link to some part of my website by [URL] ....
It works without any problems for 90% users but some of them got information that there is password mismatch.So I would like to log all request with information about passed login and password in text plain.
Someone had mentioned a way to use virtual apache configs, this way you wouldn't have to reboot apache each time you add a new domain to your box. Can you tell me what dso I need to use?
Also is there a conversion tool to grab the configs you have now, and migrate them to the external files?
I have a couple of directories on my server that require authentication (MySQL DBD and AuthUserFile). Both work fine with SSL off. When I use SSL on directories without authentication that also works fine. However, when I put the 2 together, authentication is by-passed. I cannot seem to get the configuration right to do both. Here is my VH conf file (sanitized):
I have been trying to get password protected directories working on my Linode server. It works / behaves in a desktop browser somewhat but not like I am used to with hostmonster. Also for some reason my phone (windows phone just loads the page in the protected directory without prompting for a password. So I imagine there is some security thing I am missing that none of the info I have found searching talks about. Here is what I have done. I have created a password file and set the permissions correctly on that and it works on the desktop. However when I close the browser or open a private browsing session I am never prompted for a password again. It just feels insecure. Plus my windows phone just loads the page with no prompt. With hostmonster if I closed the browser window it would ask me for the username and password again. I also tested hostmonster directory passwords on my phone and it prompts for a username/password.
Here is what I have added to the apache2.conf file. The rest is pretty much default. There is no .htaccess file for that directory.
<Directory "/var/www/protected"> AllowOverride All AuthType basic AuthName "Enter Login" AuthUserFile /etc/htpasswd/.htpasswd Require valid-user Order deny,allow Allow from user1 </Directory>
It may be worth noting that I have two virtual sites / domain names running on this server at the moment however the one that is being used for this is the primary domain name.
index-file.names = ( "index.php", "index.html", "index.htm", "default.htm" ) and my httpd.conf
Code: ProxyRequests Off ProxyPreserveHost On ProxyPass /lighttpd http://0.0.0.0:81/ ProxyPassReverse / http://0.0.0.0:81/ Now when I created a folder on my server's httpdocs /lighttpd/
everything runs smooth so I got the lighty to work for me.
Okay now that i figure it works I wanted to run one of my subdomain on lighty so that I can reduce the load on the server. Does anyone know how I can setup one of my subdomain to open with lighttpd and keep everything else on apache?
