On this page

Mixing Apache Authentication

Mixing PAM

Linux

How to mix PAM authentication (mod_auth_pam) and text file authentication (mod_auth) with Apache. First install this package:

  apt-get install libapache2-mod-auth-pam

Then configure your htaccess:

  AuthPAM_Enabled on
AuthPAM_FallThrough on
AuthAuthoritative Off
AuthUserFile /etc/apache2/htpassword
AuthType Basic
AuthName "Restricted Access"
Require valid-user

If mod_auth_pam doesn’t find a valid user, it falls back to mod_auth authentication automatically.

Here is another example with webdav:

      Alias /webdav /var/www/ngs
    <Location /webdav>
        DAV On
        AuthPAM_Enabled on
        AuthBasicAuthoritative Off 
        AuthPAM_FallThrough off 
        AuthUserFile /dev/null
        AuthType Basic
        AuthName "Webdav Authentication"
        Require group ngs 
    </Location>

OpenBSD

On OpenBSD, I had to install mod_auth_bsd:

  pkg_add -iv mod_auth_bsd

Then, enable the module for Apache:

  /usr/local/sbin/mod_auth_bsd-enable

Then restart Apache this way:

  apachectl stop
apachectl start

Then in the Apache configuration /var/www/conf/http.conf, add this:

  AuthBSDGroup auth

<Directory /var/www/htdocs/private>
   SSLRequireSSL
   AuthType Basic
   AuthName "ACME Login"
   AuthBSD On
   Require valid-user
</Directory>

Restriction by IP address

Imagine using Jinzora. You don’t want all your music to be accessible on the web. Simply add this to your VirtualHost configuration:

  vi /etc/apache2/sites-enabled/000-default@

  <Location /jinzora>
        Order deny,allow
        Deny from all
        Allow from 192.168.0.0/24
</Location>

This will allow all the 192.168.0.0 subnet to access your website. Then reload Apache:

  /etc/init.d/apache2 reload

Restriction by htaccess

This documentation is on how to protect a directory by htaccess (login + password).

Insert these lines and adapt to your configuration (/etc/apache2/sites-enabled/000-default):

          <Directory /var/www/myhtaccess>
                AllowOverride AuthConfig
                Order allow,deny
                allow from all
        </Directory>

Then create a file .htaccess in /var/www/myhtaccess and put this:

  AuthType Basic
AuthName "Acces Prive"
AuthGroupFile /dev/null
AuthUserFile /etc/apache2/htaccesspassword

<Limit GET POST>
        Require valid-user
</Limit>

php_value magic_quotes_runtime 1
php_value magic_quotes_gpc 1

Then create your access file with the user (/etc/apache2/htaccesspassword):

  htpasswd -c /etc/apache2/htaccesspassword username

For the next time, to add users, just remove “-c” like this:

  htpasswd /etc/apache2/htaccesspassword username

Don’t forget to restart Apache.

For a good documentation, follow this: Documentation on Htaccess

Authentication by Countries

Deny Or Allow Countries With Apache htaccess

Authentication through Radius

Here is how to authenticate through a radius server:

Radius Authentication
How To Configure Apache To Use Radius For Two-Factor Authentication On Ubuntu

Edit this page

Last updated 11 Apr 2010, 15:02 CEST. history

Awstats: Setting up Awstats, a Web Logs Interpreter

Introduction to SQL

Mixing Apache Authentication

Mixing PAM link

Linux link

OpenBSD link

Restriction by IP address link

Restriction by htaccess link

Authentication by Countries link

Authentication through Radius link