For part of my assignment, I had to create two local directories in my Apache htdocs path and password protect them so that only one user can access them. I did this using htaccess. However, this was apparently the wrong answer because they wanted authentication using windows user login user/pwd.
I don't understand how i can do this. How can i create a folder that is only accessible by the user with the same name?
Thanks for any advice. I do not need a solution, just some information on where to start looking. Everything I find seems to require htaccess. Unless i am thinking of this wrong and there is a module i can use with htaccess to make this work.
Thanks for the help.
I am not sure what your prof is looking for but you can probably do this by working with the windows folder sharing and permission options
Setting folder Share permissions
Related
I'm pretty new in developing for VB.NET. I have a web application and I want to block the access to the files in a directory.
For example:
If the user access the following page: application.com/example/page.aspx
If the user remove the page name and type "application.com/example/", he will see all the files inside the folder "example".
I want to block this possibility and, when a user try to access the files, redirect to an error page.
I know how to solve this in PHP through htaccess, but I have never done it by VB.NET. Any help?
If you are using IIS then
Go to your sites-->Desired Site
From Features Views Select Directory Browsing disabled.
web.config or .htaccess will do.
Remember it is a security risk to have directories open for anyone to see.
I am trying to set up the access control for my personal website on synology NAS. Right now I am using DS212J. I found the following article teaching how to use "htaccess" on apache to achieve that.
http://www.synology.com/support/faq_show.php?lang=enu&q_id=347
But I encountered 2 problem:
1) I don't have the command "htpasswd" after ssh to my DS212J.
2) After I manually create those files, I got the username and password prompting up on the website. However, the password in "admin.pw" and "normal.pw" doesn't work when I type in. I am not sure whether it is because I didn't use command "htpasswd".
What am I missing here?
Thanks.
The htpasswd executable is at /usr/syno/apache/bin/htpasswd. As that directory is not on the PATH, you have to explicitly use the whole path to use it:
Apache doesn't keep passwords in plain text, it uses a hash of them so that even if someone gets access to the password file they won't be able to log in. That's why you must use htpasswd to create the file.
For anyone who comes across this, I couldn't get that synology support tutorial to work either. I am running DSM 5.1-5022 Update 4 on my own domain with ssl. Here's how it got it working:
Follow the steps in the following wiki: Synology Wiki
In the control panel, go to "Web Services" and disable SPDY for secure connections. (Gleaned from this article.)
Good luck.
I have looked around a great deal on the Drupal forum and elsewhere but I cannot yet resolve this.
I have had to reinstall a large, fully functional site (Drupal 7.18) onto a new server. This has gone very smoothly. However, I do not seem to be able to set permissions for my sites/default/files directory in a manner that keeps it accessible and safe when browsing using the IMCE file browser.
Usually I set sites/default/files (and subdirectories within it) as 755, with files within these directories as 664. This works well on many other Drupal 7 sites I have built.
HOWEVER in this case, with these permissions I get the message "Unable to get a working directory for the file browser".
Only by setting directory permissions as 777 can I browse the files in these directories using IMCE - and I know that is really bad practice on shared hosting.
Please can someone advise on troubleshooting this? I have spent hours but I am getting nowhere.
I wonder if the ownership of the files and directories themselves is wrong. If they are wrong, can anyone direct me to step-by-step instructions for changing them?
Examining the 'problem' files and directories using FireFTP, I see
that both user and group names are the same as the FTP username that
was given me by my web host.
Looking at another Drupal site that works properly, I see that files
and directories in sites/default/files are set to user 531/group 528.
Thanks in anticipation! I am running D7.18 on PHP 5.2.10 with extensions enabled. Everything else seems to be working very well indeed. However, I am not sure I have the Apache or Linux skills needed to resolve this, or even to ask my hosts the correct questions ...
755 basically means that only the owner of the files can modify them, so you could try changing the directory permissions to 775 so that the owner and group can modify.
If you are using shared hosting I suggest you ask your hosting provider to help as they will have a better understanding of the users and groups on the server.
Cheers
I've just finished moving a Wordpress site to a new server. The domain has not changed, nor has the directory that Wordpress is installed in; the only thing that has changed is the machine it happens to be on.
The only problem I seem to have had as a result is that my permalinks aren't working, and when I go into the permalink settings, it claims that my .htaccess is unwrittable. For testing sake my .htaccess is currently CHMOD777, so it definitely is.
Any suggestions?
I have experienced problems in changing file permissions through FTP sometimes; CPanel always works. So try doing it from your host's control panel.
If that doesn't work, try editing .htaccess file manually. Follow this link to learn how to.
Your files may be 'owned' by a different user, especially if your hosting provider moved the files for you or if you used a script. If you continue to have problems, ask your hosting provider to check if the owner and permissions are set correctly on the files.
The permalinks themselves aren't working, i.e. the rules already in the .htaccess file from the previous server aren't taking effect. Mod rewrite, header and expire weren't installed. If a moderator wants to delete this silly question please feel free.
I'm trying to get up and running on Trac quickly for a pending migration. Could someone tell me how to add new users to Trac. As I understand it trac authenticates against apache, which uses a password file. I know how to use htpasswd but I don't know where the password file is. Am I going down the wrong road here?
Somewhere in your Apache configuration (like mod_python.conf) you'll have a line that specifies where the authentication file is:
AuthUserFile /var/lib/trac/your_auth_file
While you're in looking at that file, look for the base Trac directory. It may be specified as:
PythonOption TracEnv /var/lib/trac/yourProject
Once you've used htpasswd to add them to that file, you'll want to add them to Trac, so you'll need to run trac-admin:
trac-admin /var/lib/trac/yourProject
You can then issue a help command to learn how to add users to trac, etc.
Turns out all I needed to do was use htpasswd in the folder where my track site was. And then I was able to use the admin tool in track to give that user permission in track.