Apache2 password protected Vhost configuration - apache

I have a problem with a password protected vhost on apache2 and debian (7).
It's a server which hosts several vhost. They are all online for now. I need to restrict access only for one of them. (www.acticia.net)
I do not want to use .htaccess while it is not the correct way for apache.
Here is my vhost conf in site-available :
<VirtualHost *:80>
ServerAdmin admin#acticia.net
ServerName acticia.net
ServerAlias www.acticia.net
DocumentRoot /var/www/acticia.net/
<Directory /var/www/acticia.net/>
AuthType Basic
AuthName "Authentication required"
AuthUserfile "/etc/htpasswd/.htpasswd"
Require valide-user
Order allow,deny
Allow from all
</Directory>
ErrorLog /var/log/apache2/acticia.net-error_log
TransferLog /var/log/apache2/acticia.net-access_log
/etc/htpasswd/.htpasswd has been generated by htpasswd (from apache2)
The site claims that "Authentication required", ask for a login and a password then, ask it again, and again and again ...
Tested under chorimum and iceweasel (up to date for a deb7).
I read apache2 wiki, apache2 docs and a certain part of the www for this subject, didn't understood my mistake !
Thanks for the helps guys !

Require valide-user should be Require valid-user

Related

Setting up Basic Apache Authentication through .htpasswrd... Not working?

So I am trying to run just a basic demonstration website using apache. I'm very new to the whole schema of how it works so I'm just testing basic authentication using both .htaccess and .htpasswrd to see if it will actually prompt. So far it has not. My current directory for my site on my pc (Centos 7) is /var/www/html/index.html is where my site is. and my conf files are located in /etc/httpd/(sites-available)/(sites-enabled) to where both files have this configuration :
#Basic Appache Config file for Demo site
Listen 127.0.0.1:80
<VirtualHost 127.0.0.1:80>
ServerAdmin webmaster#localhost
DocumentRoot /var/www/html/
<Directory "/var/www/html">
Options Indexes FollowSymLinks
AllowOverride ALL
Require all granted
</Directory>
</VirtualHost>
I figured this using .htaccess would yield the result I wanted.. and have also tried to do this method:
<Directory "/var/www/your_domain">
AuthType Basic
AuthName "Restricted Content"
AuthUserFile /etc/httpd/.htpasswd
Require valid-user
</Directory>
</VirtualHost>
Neither of these has prompted my website for authentication whenever I go on firefox/chrome and go to local host. I have reset appache (httpd), multiple times, as well as disabled and re-enabled it to see if it was just that but also no luck. Any other recommendations I could try here? Or is it an error of syntax/httpd? Thanks to anyone with advice!

Trac & Apache Server: SSL & Virtual Hosts not working

I have configured an Ubuntu 16.04 Server with Apache and installed Trac 1.2.2 on it. I would like to access the Trac installation using SSL via https://subdomain.example.com
I have the following two .conf-files in /etc/apache2/sites-available/ right now:
ssl.conf:
<VirtualHost *:443>
SSLEngine on
SSLCertificateFile /etc/ssl/certs/apache.crt
SSLCertificateKeyFile /etc/ssl/private/apache.key
DocumentRoot /var/www/html/
testinstallation.conf:
WSGIScriptAlias /trac/testinstallation /var/www/html/trac/testinstallation/cgi-bin/trac.wsgi
<Location /trac/testinstallation>
AuthType Digest
AuthName "testinstallation"
AuthUserFile /var/lib/trac/testinstallation/.htdigest
Require valid-user
</Location>
When I open https://subdomain.example.com/trac/testinstallation, everything works as it should - but I would like to access my Trac-environment via https://subdomain.example.com. When I change the DocumentRoot in ssl.conf to /var/www/html/trac/testinstallation, I only get to see two folders, but not the Trac-environment (I don't know how to implement the WSGIScriptAlias to the ssl.conf). Can anybody help me with this problem?
Another question: Can I run multiple installations of Trac on one server using SSL? If yes, I would probably need another VirtualHost-file - but what should be in there?
The first parameter of WSGIScriptAlias is the URL-path. So to access your Trac installation over just the subdomain, you can modify the WSGIScriptAlias directive to
WSGIScriptAlias / /var/www/html/trac/testinstallation/cgi-bin/trac.wsgi
There is no need of mentioning the DocumentRoot. The WSGIScriptAlias directive takes care of it. If you want to run multiple Trac installations over multiple subdomains, repeat the same process that you have followed. i.e.,
Deploy project directory
Create Trac users
Create vhost and enable site
Else you can run multiple Trac installation as multiple subdirectories under the same subdomain by defining multiple WSGIScriptAlias directives in the same vhost file.
Example of vhost file for multiple Trac installations (test1 and test2) over single subdomain:
trac.conf
<VirtualHost *:443>
SSLEngine On
SSLCertificateFile /etc/ssl/certs/apache.crt
SSLCertificateKeyFile /etc/ssl/private/apache.key
</VirtualHost>
WSGIScriptAlias /test1 /var/www/html/trac/test1/cgi-bin/trac.wsgi
<Location /login>
AuthType Digest
AuthName "test1"
AuthUserFile /var/lib/trac/test1/.htdigest
Require valid-user
</Location>
WSGIScriptAlias /test2 /var/www/html/trac/test2/cgi-bin/trac.wsgi
<Location /login>
AuthType Digest
AuthName "test2"
AuthUserFile /var/lib/trac/test2/.htdigest
Require valid-user
</Location>

Apache VirtualHost configuration & Subversion

I'm trying to configure a sub-domain for my subversion repository.
I have a VH example.fr pointing to my personal website, and I want another VH svn.example.fr to point to the repository.
However, when I try to connect to svn.example.fr, I get the front page of my website...
Here is my Apache configuration file:
<VirtualHost *:80>
DocumentRoot /srv/example.fr
ServerName example.fr
ServerAlias www.example.fr
<Directory /srv/example.fr>
Require all granted
</Directory>
</VirtualHost>
<VirtualHost *:80>
ServerName svn.example.fr
<Location />
DAV svn
SVNPath /srv/svn/repo
AuthType Basic
AuthName "Subversion repository"
AuthUserFile /srv/svn/repo/conf/passwd
AuthzSVNAccessFile /srv/svn/repo/conf/authz
Require valid-user
</Location>
</VirtualHost>
I don't see any problem here, but I'm sure there is.
Thanks for your help !
EDIT : The configuration file is correct. I should precise that I'm running Apache inside a Docker container. Just after creating the conf file, I restarted Apache by restarting the container. This is not the right way to do it: restarting the container does not restart the server.
So Lazy Badger was right finally, thanks.
This is question for SU
After creating VirtualHost section you have to restart Apache
(Not related to network|Apache config, future trouble) Plain-text /srv/svn/repo/conf/passwd, used by svnserve, can't be used as Apache user-file, i.e. you have to have
...
AuthUserFile /path/to/htpasswd/file
...
DocumentRoot for VirtualHost must be defined, svn.example.fr miss it

My server IP + all subdirectories are pointing to Subversion (SVN)

I installed a subversion on my server and it's working properly. All my repositories are located at /var/svn/repo1 /var/svn/repo2 etc... My /etc/apache2/sites-available/svn looks this:
<VirtualHost *:80>
ServerAdmin webmaster#localhost
ServerName svn.myhostname.com
DocumentRoot /var/svn
<Directory /var/svn/>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
<Location />
DAV svn
SVNParentPath /var/svn
AuthType Basic
AuthName "Subversion"
AuthUserFile /etc/subversion/svn-auth
Require valid-user
</Location>
LogLevel warn
ErrorLog ${APACHE_LOG_DIR}/svn.error.log
CustomLog ${APACHE_LOG_DIR}/svn.access.log combined
</VirtualHost>
The problem is that when I open a browser and type my IP address or hostname they both point to SVN for some reason. For example, when I type only my IP the browser says "A username and password are being requested by MYIPADDRESS. The site says: "Subversion"". I think the only address that should be pointed to SVN would be svn.myipaddress.com, right??
When I type svn.myipaddress/repo1 it shows the repository normally though.
This causes me hard times as I cannot access my IP and open html/php-files there because it asks for SVN password every time.
Any thoughts on this?
Your initial <VirtualHost *:80> is redirecting all requests on port 80 (the standard http port) to the subversion directories. If you change that to something like <VirtualHost *:3690> then standard web requests should work as normal, though you'll need to add the port when accessing the repositories from the client, i.e. svn co http://repository.url:3690/repo1 in order for subversion commands to work.

Redirect a frontend URL to another backend webserver

I'm using a framework that uses a full-stack to display all its webpages. This runs standard on port 9000. Very fine, but when going into production, the server seems to block everything except a few standard ports.
So therefore, the framework (Play framework), advises you to do this in your front-end webserver (in my case Apache2).
file: play.conf
<VirtualHost *:80>
ServerName http://avon.ugent.be
CustomLog /var/www/log/proxy-access.log common
ErrorLog /var/www/log/proxy-error.log
ProxyPreserveHost On
DocumentRoot /var/www
<Location /dev/app>
AuthType Basic
AuthName "Test Omgeving"
AuthUserFile /var/trac/htpasswd
Require valid-user
ProxyPass http://127.0.0.1:9000/
ProxyPassReverse http://127.0.0.1:9000/
</Location>
</VirtualHost>
This of course requires the mod_proxy module, that is being enabled with a2enmod mod_proxy. (I run this on a Debian distro)
The idea is to run two webservers, one front-end and one back-end with the application.
The reloading of the apache webserver works fine, the site is enabled and everything, but when I surf to the http://my.website.com/dev/app url, it renders a 404... Suggestions what's going wrong?
EDIT3:
After 10+ hours of trying it boils down to this:
I found the debugging command (finally :p) and this is the output:
apache2ctl -S
VirtualHost configuration:
wildcard NameVirtualHosts and _default_ servers:
*:80 is a NameVirtualHost
default server avon.ugent.be (/etc/apache2/sites-enabled/000-default:1)
port 80 namevhost avon.ugent.be (/etc/apache2/sites-enabled/000-default:1)
port 80 namevhost avon.ugent.be (/etc/apache2/sites-enabled/play.conf:1)
Syntax OK
Which indicates that the virtual server is indeed being added to the configuration.
But still, it renders a 404. Now, somewhere i've read that's because there is no index.html in that path. Is that necessary if you just want to use a reverse proxy?
For a start please try using Location instead of Directory. Directory is used for identifying directory paths on the filesystem not paths relative to the document root.
<Location '/dev/app'>
AuthType Basic
AuthName "Test Omgeving"
AuthUserFile /var/trac/htpasswd
Require valid-user
</Location>
Try the following. It should prompt for the username/password and then pass the request to http://127.0.0.1:9000. In my case, Apache gives a "Service Temporarily Unvavailable", which you should get as well if you turn off the application running on port 9000
<VirtualHost *:80>
ServerName my.website.com
<Location /dev/app>
AuthType Basic
AuthName "Test Omgeving"
AuthUserFile passwd/.htpasswd
Require valid-user
ProxyPass http://127.0.0.1:9000
ProxyPassReverse http://127.0.0.1:9000
</Location>
</VirtualHost>
If you still get a 404, can you confirm that it's not the backend server sending it?