Unfortunately no one can be told what fun_plug is - you have to see it for yourself.
You are not logged in.
Does anybody know how I can setup a password protected site on my DNS? I don't need anything fancy just a general password for the complete site.
I have lighttpd running and the JAlbumon that site. just would like to password protect it from the outside world
please give me step by step instructions as I do not have extensive linux or website or programming knowledge.
Patrick
Offline
See lighttpd documentation: http://trac.lighttpd.net/trac/wiki/Docs%3AModAuth
Unless you have another Linux box with htpasswd, I think using a plain password file is your only option.
Offline
If I want to use a plain passwo?rd file, how do I do that
Thanks for your help
PAtrick
Offline
It's covered in the docs that fonz pointed you at...did you read it?
Offline
I did read that, but I thought he meant with a plain password file, just a simple html page. Know that I looked at it a little closer, I'll have to do some more digging.
I'm not sure if I'll be able to succeed, but we'll give it a good try. If I get stuck you'll hear from me again. thanks so far again.
Patrick
Offline
I just took a quick look, but it looked relatively straightforward...create the password file and update your lighttpd.conf file to point at it...I could be minimzing the effort, as I only scanned it briefly.
Offline
what do you mean by uncomment?
Offline
What do I put in the lighttpd config file? Or is that the part under configuration? Do I copy the parts I need strait to the lighttpd.conf file?
Offline
I assume, I can only use the htpasswd htdigest ldap, if I as mentioned by fonz have an extra Linux server, correct?
Offline
By the way, this only password protects the html pages and not the ftp part, correct? Or does this protect the complete dns. If I do something wrong, can that result in me no longer having access to the dns?
Offline
I just tried it, but with this lighttpd.conf file, I cant get access. I get problem loading, unable to connect, what am I doing wrong?
server.document-root = "/mnt/HD_a2/www/"
server.port = 3000
server.username = “lighttpd”
server.groupname = “lighttpd”
server.modules = (
“mod_auth”
)
mimetype.assign = (
".html" => "text/html",
".txt" => "text/plain",
".jpg" => "image/jpeg",
".png" => "image/png")
index-file.names = ( "index.php", "index.html", "index.htm", "default.htm" )
## debugging
# 0 for off, 1 for 'auth-ok' messages, 2 for verbose debugging
auth.debug = 0
auth.backend = "plain"
auth.backend.plain.userfile = "\lnx_bin\lib\.passwordfile"
auth.require = ( "/to be protected dir/" =>
(
"method" => "basic",
"require" => "user=xxx1|user=xxx2|user=xxx3|user=xxx4"
),
"/server-info" =>
(
"method" => "basic",
"require" => "valid-user"
)
)
Offline
can anybody please help me? I'm still no step further with protecting my site.....
Thanks!
Patrick
Offline
pwvandeursen wrote:
can anybody please help me? I'm still no step further with protecting my site.....
Thanks!
Patrick
If you are looking for a simple password protection for your website you may want to try this:
http://www.dynamicdrive.com/dynamicindex9/password.htm
I was using that to password protect a few of my jalbum pages. It is fairly simple to add, just follow the directions, generate a usercode and passcode, and then copy the code into the html page you want protected. This one required my friends and family to have to add my website to the "Trusted Zone" in internet explorer otherwise it wouldn't work.
But now that I have PHP running with lighttpd, I am using this:
http://www.zubrag.com/scripts/password-protect.php
It requires PHP running, but I like it better than the first one. You have to save the password file in a different location, copy the code into your PHP file you want protected, and change the location in that code to where you saved the password file.
I am not sure how secure either of these are. But I just wanted to secure my pages and give family or friends access to them and keep the honest people out.
I am sure there are other ways out there that are more secure. But I don't know too much and have been happy to just get what I have running.
Offline
Hi Patrick. I'm not much more advanced than yourself, I don't think. I'll try to help a bit, if I can.
A few thoughts ...
First ... you're not really giving anyone on the forums enough information to help you debug. Most of the time, that means people will read your post and move on. How did you get lighttp running? Did you start with someone's fun_plug and binaries, or did you produce your own.
In most unix and linux configuration files, lines that start with a # are considered to be comments. The thing that reads information from the configuration file ignores those lines. When someone tells you to uncomment the line, they mean to ensure that the first character on the line isn`t #.
It looks like you started with a template, but didn't fill everything in. For example ... is the directory you're trying to password protect really called "to be protected dir"? That seems to be what's indicated in the conf file. Same goes for the users. If I understand your config, you're askig the server to require one of four users (xxx1, xxx2, xxx3, xxx4). Are those the users you listed in your auth.backend.plain.userfile (\lnx_bin\lib\.passwordfile)?
The steps to get lighttp to required authorized users are, at a very high level ...
- Make sure lighttp is loading the module mod_auth (restart lighttp or re-boot the d-link)
- Make sure that the plain.userfile you put in your .conf file exists, and contains a list of users. For a plaintext userfile, I think (check the documentation in the link Fonz posted) that the format is something like
bob:bobspassword
frank:frankspassword
mary:maryspassowrd
* The users and passwords will both be case sensitive I think.
- Make sure that you`ve configured your directories correctly. In the configuration file you posted, you`re asking lighttpd to secure two directories; /to be protected dir/ and /server-info. I suspect you either want to protect the root directory (/) or your photos directory. As well, for the first entry, you`re asking to to require very specific users. I get the impression that`s not what you`re trying to do, so
"require" => "valid-user" (which just tells lighttpd that any valid user that enters their correct password is okay) is good enough.
I hope that help.
Curtis
Offline
Curtis,
thanks for your clear story. Let me try to answer all questions.
-----
Hi Patrick. I'm not much more advanced than yourself, I don't think. I'll try to help a bit, if I can.
A few thoughts ...
Well this is the first time I have done any programming and ever even touched Linux so.......
---------------------
First ... you're not really giving anyone on the forums enough information to help you debug. Most of the time, that means people will read your post and move on. How did you get lighttp running? Did you start with someone's fun_plug and binaries, or did you produce your own.
I used the simple funplug I found on this site, which starts telnet, which starts the lighttpd.conf file
------
In most unix and linux configuration files, lines that start with a # are considered to be comments. The thing that reads information from the configuration file ignores those lines. When someone tells you to uncomment the line, they mean to ensure that the first character on the line isn`t #.
I did remove those, but didn't know these were the quotes. thats for that clarification.
----------------
It looks like you started with a template, but didn't fill everything in. For example ... is the directory you're trying to password protect really called "to be protected dir"? That seems to be what's indicated in the conf file. Same goes for the users. If I understand your config, you're askig the server to require one of four users (xxx1, xxx2, xxx3, xxx4). Are those the users you listed in your auth.backend.plain.userfile (\lnx_bin\lib\.passwordfile)?
I did fill in as much as I could but also changed some things on the text I posted. to be protected dir, I did fill the dir I wanted protected. The uses are stored in the file caled passwordfile in the same dir as where the lighttpd.conf file is located
---------------------
The steps to get lighttp to required authorized users are, at a very high level ...
- Make sure lighttp is loading the module mod_auth (restart lighttp or re-boot the d-link)
mod_auth is loaded as far as I think, as I called it in the lighttpd.conf file as shown above.....Is that enough, and done correctly?
I have rebooted, so it must then be loaded, correct?
-------------------------
- Make sure that the plain.userfile you put in your .conf file exists, and contains a list of users. For a plaintext userfile, I think (check the documentation in the link Fonz posted) that the format is something like
bob:bobspassword
frank:frankspassword
mary:maryspassowrd
* The users and passwords will both be case sensitive I think.
I have the users in the file and the file exists (and done in this formating) so that must be ok as well
-------------------
- Make sure that you`ve configured your directories correctly. In the configuration file you posted, you`re asking lighttpd to secure two directories; /to be protected dir/ and /server-info. I suspect you either want to protect the root directory (/) or your photos directory.
THis is the part that could be incorrect......
protecting the root is the easiest and best way probably, so I'll change the line:auth.require = ( "/to be protected dir/" => to auth.require = ( "/" => the root is then: server.document-root = "/mnt/HD_a2/www/". However all the files are stored in www, which is not the real root (I stored all these files in a seperate dir. Do I have to thus put them in the real root, If that is what I am protecting?
---------------------
As well, for the first entry, you`re asking to to require very specific users. I get the impression that`s not what you`re trying to do, so
"require" => "valid-user" (which just tells lighttpd that any valid user that enters their correct password is okay) is good enough.
So if I want to just valide users that enter their correct password., I have to remove the first part, leading to:
auth.require = ( "/" =>
(
"method" => "basic",
"require" => "valid-user"
)
)
WHich is then the end of the file.....
I hope that help.
Curtis
---------------
Thanks again for the help!!
Patrick
Last edited by pwvandeursen (2007-07-20 09:17:28)
Offline
Okay.
Sounds like you have most of the stuff in the .conf file setup. When you point a browser at your lighttpd server do you see a page of any description? Does it prompt you for a user/password?
In order to get your files to show-up under lighttpd, you'll probably have to create something called a symbolic link from your server.document-root ("/mnt/HD_a2/www/") to wherever the files you want to share live. Have you done that before?
So, for example, if your photos are under /mnt/HD_a2/photos, you should create a link from /mnt/HD_a2/www/photos to /mnt/HD_a2/photos (its sort of like a shortcut in windows). The syntax is:
ln -s /mnt/HD_a2/photos /mnt/HD_a2/www/books
* Keep in mind its case sensitive
Also ... have you thought about whether or not your server is externally available? i.e. how other people (not connected to your network) are going to connect to your server?
Curtis
Offline
Sorry, but I don't really understand what you mean by point the browser to the lighttpd server. you mean open the index.html file that is in the root? If that is the question it does not prompt for a password, it just shows me the page. If I log in remotely it can't find anything..
My photos are under /mnt/HD_a2/www/photo webpage. the first index file is in /mnt/HD_a2/www, which points to /mnt/HD_a2/www/photo webpage, so I'm not sure I need to incorporate a short cut.
Also, if I just use the normal conf file all works well, also from external.
btw, the whole reason for this is to have a password promted for people connecting externally, and not so much internally.
Patrick
Offline
the page loaded mentions: Problem loading file, cannot establish a connection at the server.......
Offline
Hi Patrick.
If you just "open" the index.html file (for example using 'File' | 'Open...' on internet explorer or double-clicking on the file in Windows Explorer), you're not using lighttpd to "serve" the web page. In order to get lighttpd to serve it to you, you would have to type something like
http://<name_of_your_dns-323>/index.html
in your address bar.
However, even if you`re successful doing that, that address is just an internal address. In other words, only computers on your home network will know about it, unless you have some sort of service through your internet service provider that allows all of your PCs to be exposed to the internet.
If and when we run into that hurdle, I`ll probably have to google you up a tutorial or something, becuase that`s a lot to step someone through in a forum.
If your photos live underneath the server.document.root directory (looks like it does) you won`t need the symlink.
Hope that helps,
Curtis
Offline
Curtis, thanks again.
fortunately, I have forwarded the external port to the DNS, so externally, I can reach my photo's. All works well without the auth. module. Once I add the lines to my conf. file to start the authentification, I can no longer reach the webpage. I have been fiddeling here a lot, but can get it to work. my real file now looks like this:
----------------------
server.document-root = "/mnt/HD_a2/www/"
server.port = 3000
server.username = “lighttpd”
server.groupname = “lighttpd”
server.modules = (
“mod_auth”
)
mimetype.assign = (
".html" => "text/html",
".txt" => "text/plain",
".jpg" => "image/jpeg",
".png" => "image/png")
index-file.names = ( "index.php", "index.html", "index.htm", "default.htm" )
## debugging
# 0 for off, 1 for 'auth-ok' messages, 2 for verbose debugging
auth.debug = 0
auth.backend = "plain"
auth.backend.plain.userfile = "lighttpd-plain.user"
auth.require = ( "/"
(
"method" => "basic",
"require" => "valid-user"
)
)
-----------------
the photos are served though JAlbum, and its index file resides in /www/photo webpage/ (which is linked to from my index.html file, which is in /www/)
just to be clear, the conf. file is in /lnx_lib, this is also where the password file called "lighttpd-plain.user" resides.
If this is all correct, I think I have to give up.......please let me know
Patrick
Offline
Hi Patrick,
I got it working - finally! - on my side. For me as a Unix beginner it was not really painfree. Anyway, let me show you how my config file looks like.
I am using Notepad++ to create UNIX format text files on a Win machine.
You can also look at the attached lighttpd.conf file as a reference.
At the beginning of the file I uncommented "mod_auth" so it gets loaded.
These are the changes in the auth module config section
#### auth module
## read authentication.txt for more info
auth.debug = 1
auth.backend = "plain"
auth.backend.plain.userfile = "/mnt/HD_a2/fun_plug.d/etc/lighttpd.user"
#auth.backend.plain.groupfile = "lighttpd.group"
## for htpasswd
#auth.backend.htpasswd.userfile = "/mnt/HD_a2/fun_plug.d/etc/lighttpd-htpasswd.user"
## for htdigest
#auth.backend.htdigest.userfile = "/mnt/HD_a2/fun_plug.d/etc/lighttpd-htdigest.user"
#auth.backend.ldap.hostname = "localhost"
#auth.backend.ldap.base-dn = "dc=my-domain,dc=com"
#auth.backend.ldap.filter = "(uid=$)"
auth.require = ( "/" =>
(
"method" => "basic",
"realm" => "slideshow",
"require" => "valid-user"
)
)
I then put the lighttpd.user file with username:password in the funplug.d/etc directory.
I got everything but ldap running by now (haven't looked at that yet).
Hint: It is always useful to double check is lighttpd is running (use PS at the telnet console). If it isn't there is probably a problem with the config file or password file.
You can also kill lighttpd and restart it manually to try new conf files.
Let me know if this works for you.
Regards
Thomas
Offline
Thanks a lot , I'll try that.
in the mean time could you explain to me what the line:
"realm" => "slideshow",
does and how it works? Do I need it?
Patrick
Offline
other question where to store the mod_auth.la and .so file?
Offline
pwvandeursen wrote:
other question where to store the mod_auth.la and .so file?
in fun_plug.d/bin/lib/
Offline