I would like my entire website to be password protected except for one file called allowThisFileWithoutPassword.php.
How could this be accomplished. Below is my attempt :
Code:
<VirtualHost *:80>
ServerName example.com
ServerAlias *.example.com
# ServerSignature Off
ErrorDocument 404 /error-404.html
DocumentRoot /var/www/html
<Directory "/var/www/html">
[Code] .....
I have created a password file in /root/passw.txt
then run command
rsync -ave 'ssh -p 1234' --password-file=/root/passw.txt admin@10.0.0.10:/home/admin/backups/* /backups
But it still asks for the password. How can I fix it?
I am trying to setup rsync connection between servers by using this
Code:
rsync -avWe ssh * user@destination-ip:/path/to-folder --password-file=/root/rsync_pass
but it keeps asking for the password. In the /root/rsync_pass, I just put the password of user in destination server. Why cant rsync read the password file? Is there any specific syntax for it?
im trying to password protect a single txt file on my server, but instead its password protecting the whole directory
so for example
i want to password protect the file 123.txt in directory "sample" but instead its password protecting the whole direcoty "sample"
I've got a file I want to access via cURL that is within a password protected directory.
I've tried sending:
Code:
$headers = array(
"HTTP_AUTH_LOGIN: admin3e",
"HTTP_AUTH_PASSWD: opensesame",
"Content-Type: text/html"
);
curl_setopt($curl, CUROPT_HTTPHEADER, &$headers);
(insecure)
and:
Code:
curl_setopt($curl, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($curl, CURLOPT_USERPWD, '[user]:[pass]');
but I can't figure out how to get past the login:
Authorization Required
This server could not verify that you are authorized to access the document requested. Either you supplied the wrong credentials (e.g., bad password), or your browser doesn't understand how to supply the credentials required.
Apache/2.0.52 (CentOS) Server at ****** Port 80
i manage linux apache webserver with a few wordpress blogs and from time to time i see someone inject a malicious .php file into wp-content/uploads/2014/10/ directory.
i think its some bad plugin or theme, but these is more blogs, i ugrade, update, WP, but
how can i setup some monitor to tell me which php file (or even line in php file) injected that malicious .php ? I have linux root access so i can setup anything
i don't think win2003 Standard need CALs for IIS6 or does it?
View 1 Replies View RelatedBut would one of those embedded Youtube-videos take up space (or bandwidth), if I had one on my site?
I don't know what they are called (that is why I called them Youtube-videos), but I mean videos that you can view on sites other than Youtube, but still have the Youtube-interface and can also be found on Youtube.
Does HTTPS on a Windows site require SNI like it apparently does on Linux nodes? If it does, I've been avoiding moving a site to an existing server that only has one IP, so I may as well move it there instead of setting up a Windows node in PPA.
View 2 Replies View RelatedI am unable to get A username and password requested by http://127.0.0.1:8080. "Tomcat Manager Application"..I created userid and password in tomcat-users.x.
View 4 Replies View RelatedI would to use: htdigest -c filename.htpasswd Group usernamein file batch to insert a set of users with password.I can use it without having to enter the password from the keyboard?I tried echo pass| htdigest -c filename.htpasswd Group username but it does not work.
View 1 Replies View RelatedIs this possible to log username and password passed by GET request for basic authentication?I generate link to some part of my website by [URL] ....
It works without any problems for 90% users but some of them got information that there is password mismatch.So I would like to log all request with information about passed login and password in text plain.
What is the proper way. to password protect a directory for apache 2.4.7. Information i gather seems to not work.
View 4 Replies View RelatedWhere can I get examples to create login ID and password with changing of password function for valid user to access apache web server?
View 3 Replies View RelatedI want to setup a password for a website running on Ubuntu server, and find Apache can be used. It is implemented by config httpd.conf file and .htaccess file.
So I want to ask:
1. In this case, the password is setup for a path on the server configured in httpd.conf file. Like in the following example:
Code: <Directory "/var/www/html/MySite">
The password is setup for the path to Mysite,right?
2. If my content of website is not stored under /var/www folder, I cannot use this way to setup a password for website, right? May use PHP instead?
I have been trying to get password protected directories working on my Linode server. It works / behaves in a desktop browser somewhat but not like I am used to with hostmonster. Also for some reason my phone (windows phone just loads the page in the protected directory without prompting for a password. So I imagine there is some security thing I am missing that none of the info I have found searching talks about. Here is what I have done. I have created a password file and set the permissions correctly on that and it works on the desktop. However when I close the browser or open a private browsing session I am never prompted for a password again. It just feels insecure. Plus my windows phone just loads the page with no prompt. With hostmonster if I closed the browser window it would ask me for the username and password again. I also tested hostmonster directory passwords on my phone and it prompts for a username/password.
Here is what I have added to the apache2.conf file. The rest is pretty much default. There is no .htaccess file for that directory.
<Directory "/var/www/protected">
AllowOverride All
AuthType basic
AuthName "Enter Login"
AuthUserFile /etc/htpasswd/.htpasswd
Require valid-user
Order deny,allow
Allow from user1
</Directory>
It may be worth noting that I have two virtual sites / domain names running on this server at the moment however the one that is being used for this is the primary domain name.
OS: Debian 7.3
Apache 2.2.22
I'm trying to set up password protection on an Apache HTTP server, and it's not working.
First, the environment: Apache 2.4.4 installed with XAMPP Control Panel 3.2.1 under Windows 7 Professional.
http.config says "AllowOverride All."
The .htaccess file in the protected directory says:
Code:
htpasswd -c .htpasswd samples
htpasswd prompted me for the password twice, and I entered it twice. When it quit I had a file named .htpasswd in the subsidy directory. I typed it and its contents looked correct according to the examples I've seen.
Then I restarted Apache and tried to load a page from the directory. The browser simply prompted me for the username and password over and over.
The Apache error log says, "AH01617: user samples: authentication failure for "/subsidy/filename.html": Password Mismatch."
I deleted the .htpasswd file and ran htpasswd again, specifying a different (very simple) password. I also confirmed that caps lock was not on both before and after. I restarted the server, tried to load a page, and got the same problem.
Apache seems to think I'm entering the wrong password, but that seems impossible when I've just defined it myself -- and I've tried twice, intentionally choosing a very simple password the second time. If the message means what it says, the cause must be something very different from the obvious one.
Im using apache2.2 on Ubuntu 12.04. Im trying to password protect a page using htacces and/or the directory command.
Basically no matter what method I use to try and password the index page it doesnt work. I can protect pages and dir's below, but not in the root www of a vhost.
basically:
/home/cackles/mysite with index.html and .htaccess will allow index.html to load and wont prompt for a pass until the page is refreshed.
/home/cackles/mysite/subdir will prompt for a pass before it goes any further.
I purged and started from scratch again last night and for nothing, it would seem, well I learned/refreshed a few things so it wasnt a complete bust ... just 7hrs
On my previous server and on some other hosts, I was able to write to files (for example with PHP) without having to chmod the files first.
Now I cannot, and files are required to be chmoded properly so I can write to them.
I cannot even touch() a file with PHP.
Is there any way to have this permissions removed?
I don't want to chmod the all thing, all I want is to change the configurations so I can fwrite() or file_put_contents() normally.
I's a dedicated un-managed server, so basically any advanced configurations can be done.
I get the following error when let my site connect to my database: Access denied for user 'apache'@'localhost' (using password: NO)
But when im running lil test script which connect to my localhost with the same passwords and it gives the status 'Connection OK' (im running on admin account, made a MySQL account with DA)
Code:
<?php $link = mysql_connect('localhost','admin_removed','removed'); if (!$link) { die('Could not connect to MySQL: ' . mysql_error()); } echo 'Connection OK'; mysql_close($link); ?>
I have an app that opens a new browser window to a URL that opens a PDF file at a named destination. For example: URL.....I need to authenticate each user that enters this link, but preferably only once per browser session (valid until user closes browser). This authentication process needs to be performed by an oracle-database stored procedure (via a Java servlet, or other technology). Any outline steps or reference link?
The idea would be when the user enters this link, that a popup window appears asking for a username and password, which then get verified by the stored procedure, and then, and only then, the URL address is allowed to proceed.I know I can implement password protection in `.htaccess` as follows.
AuthType Basic
AuthName "Secured Area"
AuthUserFile /path/to/.htpasswd
<Files "myFile.pdf">
Require valid-user
</Files>
But, I need this process to connect to the stored procedure to validate the user, because this stored procedure has to apply business logic to determine the users' subscription status, etc., which can change at any time.
Everyday after Backup Panel (Tasks from Backup Manager), I receive next error:
<?xml version="1.0" encoding="utf-8"?>
<execution-result status="error">
<object name="domain.ru" type="domain">
<message severity="error" id="416a91ad-e5e7-480b-b6b4-a60157b8eaae" code="InformationalException">
<description>Could not find password for account id '2648'. Return empty password</description>
</message>
</object>
</execution-result>
Resolve -> only reconfigure domain. How can I automatic fix this problem?
today i changed the password for the admin panel for a customer (username eg. mylogin). 10 minutes later he called me and said that he cannot get into his emailaccount anymore. Checked the password and saw that the emailpassword for his emailaddress (eg. mylogin@mydomain.com) is now the same from the admin panel login. So i changed the emailpassword and checked the admin panel login - it now has the emailpassword. What a mess.. I'm running Plesk Panel 11.5.30 MU47.
View 1 Replies View RelatedHow to change the Password of my FTP?
I know how to change the pwd. of cPanel, but I don't know how to change the pwd. of FTP?
I have 2G access_log file everyday. And the server will freeze a while during log rotate every morning.
So I want to reduce the size of the log file. I see most of the content in the log file are .jpg, .js, .gif. And I don't these log is necessary.
Can I log only php file?
I'm trying to set up Apache on CentOS 4. I'm using Apache 2.0 and it can't seem to access anything outside of the /var/www directory - it gives an Error 403.
I thought this would be down to SELinux but this is disabled. I've run the following command on the directory but with no luck:
Code:
chown apache /home/jmaskell -R
what is .htaccess file? use of this file?
View 6 Replies View Related
