Override subdirectory access for a certain user with htaccess - apache

My Website is locked with htaccess in the apache2.conf, so you can only access it with user and password.
Now I want a subdirectory beeing only accessible for a certain user
<Directory /var/www/>
Options Indexes FollowSymLinks
AuthType Basic
AuthName "Access denied"
AllowOverride All
AuthBasicProvider file
AuthUserFile /home/pi/.htpasswd
Require valid-user
</Directory>
<Directory /var/www/html/MySite/MySubDirectory>
AllowOverride none
Require user alloweduser
</Directory>
What am I missing?

Related

Override .htaccess filesmatch password protection in subdirectory

My goal is similar to the question asked here:
How to remove .htaccess password protection from a subdirectory
a .htaccess file protects all index.html files in subdirectories. I want to exclude a particular subdirectory from this rule.
However, even though I created the .htaccess file in said subdirectiory with the following content:
Require all granted
I am still requested for authentication from a .htaccess file at the higher directory:
DirectoryIndex index.html
<FilesMatch "index.html">
AuthUserFile /etc/users
AuthName "Protected"
AuthGroupFile /dev/null
AuthType Basic
Require valid-user
</FilesMatch>
How can I override this FilesMatch block in a sub directory so the login is not requested? In my apache configuration file:
<Directory />
Options FollowSymLinks
AllowOverride All
Require all denied
</Directory>
<Directory /usr/share>
AllowOverride All
Require all granted
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
I do have AllowOverride set properly. What am I doing wrong?
In your subdirectory/.htaccess have these 2 lines to prevent auth:
Satisfy Any
Allow from all

The requested method PUT is not allowed for the URL

I am new to this community. I have an Httpd running on RHEL 7.X.while trying to upload a hello.world file to the WebDAV server using the following command:
curl -T hello.world -u webdav:webdav http://192.168.100.49/recordings/hello.world.
In-Return,I am getting 405 ..PUT method is not allowed for this URL.
I am also sharing the contents of my webdav.conf file here:
<IfModule mod_dav.c>
Alias /recordings /var/webdav/recordings"
<Directory /var/webdav/recordings>
Dav On
Options Indexes MultiViews FollowSymlinks
IndexOptions FancyIndexing
AddDefaultCharset UTF-8
AuthType Basic
AuthName "webdav"
AuthUserFile /var/webdav/htpasswd
Require valid-user
Order allow,deny
Allow from all
<LimitExcept GET POST OPTIONS PUT>
Order allow,deny
Allow from all
</LimitExcept>
</Directory>
<Location "/recordings">
Require valid-user
AuthType Basic
AuthName "webdav"
AuthUserFile /var/webdav/htpasswd
</Location>
</IfModule>
Any helpful comments guys..Thanks in advance.

Specific folder access rules for specific users with .htaccess

With the settings below, both user-1 and user-2 can access to site-1 and site-2 after login. However, I want to change access rights as listed below:
user-1 can access only site-1 (http://test.local/site-1)
user-2 can access only site-2 (http://test.local/site-2)
How can I do it?
Site structure
test
site-1
index.php
site-2
index.php
index.php
.htaccess
.htpasswd
.htaccess
AuthType Basic
AuthName "Protected Test Site"
AuthUserFile /var/www/html/local/test/.htpasswd
Require valid-user
.htpasswd
user-1:$apr1$CraA.0n7$JRqS7GyggMKNYcTP65rAW/
user-2:$apr1$NbKoZeyJ$P33C/1ceg1XGfLaPsWBgW1
test.local.conf
<VirtualHost *:80>
ServerName test.local
DocumentRoot /var/www/html/local/test
<Directory /var/www/html/local/test>
AllowOverride AuthConfig
Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
Either change:
Require valid-user
to:
Require user user-1
alternatively create yourself two group files, and change the line to something along the following lines:
Require group siteOneUsers
see: http://httpd.apache.org/docs/2.2/mod/core.html#require
Along with what I did above in OP, I solved the problem with creating additional .htaccess files right inside site-1 and site-2 so the contents are:
site-1/.htaccess
AuthUserFile /var/www/html/local/test/.htpasswd
Require user user-1
site-2/.htaccess
AuthUserFile /var/www/html/local/test/.htpasswd
Require user user-2

Apache directory listing permissions by user

I have Apache HTTP Server 4.4.9 running on Windows computer.
There are 2 users, administrator and john.
Administrator should have access to c:\HTTP Storage and all subfolders, with enabled directory listings.
User john should have access only to folder c:\HTTP Storage\john and all subfolders, with disabled directory listings.
Problem is that my configuration doesn't allow user administrator the directory listing in folder c:\HTTP Storage\john, only c:\HTTP Storage\
<Directory />
Options FollowSymLinks
AllowOverride none
Order deny,allow
Require all denied
</Directory>
<Directory "C:/HTTP Storage">
Options Indexes FollowSymLinks
AllowOverride None
AuthType Basic
AuthName "Authentication Required"
AuthUserFile "C:/Program Files/Apache Software Foundation/Apache2.2/conf/htpasswd"
Require user administrator
Order allow,deny
Allow from all
</Directory>
<Directory "C:/HTTP Storage/john">
Options FollowSymLinks
AllowOverride None
AuthType Basic
AuthName "Authentication Required"
AuthUserFile "C:/Program Files/Apache Software Foundation/Apache2.2/conf/htpasswd"
Require user administrator john
Order allow,deny
Allow from all
</Directory>
What am I doing wrong?

Password protect directories when accessed from external IPs using Apache

Currently have password protection on my main and sub directories, however I'd like to make it only required when connecting from an outside IP address and password free when connecting from the local subnet.
Currently /etc/apache2/sites-available/default looks like this:
<VirtualHost *:80>
ServerAdmin webmaster#localhost
DocumentRoot /var/www
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
Alias /doc/ "/usr/share/doc/"
<Directory "/usr/share/doc/">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>
<Location / >
AuthType Digest
AuthName "intranet"
AuthDigestDomain /var/www/ http://10.1.2.2
AuthDigestProvider file
AuthUserFile /etc/apache2/passwords
Require user user1
SetEnv R_ENV "/var/www"
</Location>
<Location /dir1>
AuthType Digest
AuthName "dir"
AuthDigestDomain /var/www/dir1/ http://10.1.2.2/dir1
AuthDigestProvider file
AuthUserFile /etc/apache2/passwords
Require user user2
SetEnv R_ENV "/var/www/dir1"
</Location>
<Location /dir2>
AuthType Digest
AuthName "dir"
AuthDigestDomain /var/www/ http://10.1.2.2/dir2
AuthDigestProvider file
AuthUserFile /etc/apache2/passwords
Require user user2
SetEnv R_ENV "/var/www/dir2"
</Location>
</VirtualHost>
I've had a loot at Apache's documentation on auth but can't make sense of how I'd then implement the password protection in with that.
A bit of searching brought this up http://www.askapache.com/htaccess/apache-authentication-in-htaccess.html
Basically changed this:
<Location / >
AuthType Digest
AuthName "intranet"
AuthDigestDomain /var/www/ http://10.1.2.2
AuthDigestProvider file
AuthUserFile /etc/apache2/passwords
Require user user1
SetEnv R_ENV "/var/www"
</Location>
to this:
<Location />
Order deny,allow
Deny from all
AuthType Digest
AuthName "intranet"
AuthDigestDomain /var/www/ http://10.1.2.2
AuthDigestProvider file
AuthUserFile /etc/apache2/passwords
Require valid-user
SetEnv R_ENV "/var/www"
Allow from 10.1.2.0/24
Satisfy Any
</Location>
Tested and it's all running smoothly.