User Tools

Site Tools


Sidebar


Здравствуйте!

Меня зовут Михаил!
Я системный администратор
и наполняю эту wiki,
решая разнообразные IT-задачки.

Моя специализация - виртуализация!

Я всегда готов помочь Вам
наладить IT-инфраструктуру
за скромное вознаграждение!

mike@autosys.tk
+7 (910) 911-96-23

linux_faq:виртуальные-пользоваватели-lighttpd-how-to-use-authentication-with-lighttpd-htpasswd

How to use authentication with Lighttpd (htpasswd)

In this example, we will setup basic authentication for Lighttpd. Let’s imagine, for the purpose of this tutorial, that you want to secure a directory where you store some sort of reports. Those will be served on reports.example.com. By default, they will be accessible to anyone. And we don’t want that.

Configs are done on a Debian-based system. For RedHat-based users, your mileage might vary a bit.
Minimal vhost example

$HTTP["host"] == "reports.example.com" {
server.document-root                = "/var/www/reports.example.com"
accesslog.filename                  = "/var/log/lighttpd/reports.example.com.access.log"
server.errorlog                     = "/var/log/lighttpd/reports.example.com.error.log"
}

That will be the starting base of our example.

Step 1: load mod_auth

We need to instruct lighttpd to load it’s authentication module by editing /etc/lighttpd/lighttpd.conf to add mod_auth to the server.modules section.

Step 2: create a password file

In order to do that, we will need to install the package apache2-utils (using apt-get). It will provide us with the command htpasswd. Lighttpd doesn’t have an equivalent tool, but since we’ll use that authentication mechanism, we still need it.

root@server:~# htpasswd -c /etc/lighttpd/htpasswd jsmith
New password:
Re-type new password:
Adding password for user jsmith

NOTE: Never put your password file under your document root!

Step 3: add the authentication config to your vhost

Our vhost will now look like this:

$HTTP["host"] == "reports.example.com" {
server.document-root                = "/var/www/reports.example.com"
accesslog.filename                  = "/var/log/lighttpd/reports.example.com.access.log"
server.errorlog                     = "/var/log/lighttpd/reports.example.com.error.log"
# Authentication config
auth.debug                          = 2
auth.backend                        = "htpasswd"
auth.backend.htpasswd.userfile      = "/etc/lighttpd/htpasswd"
auth.require = ( "/" => ( "method" => "basic", "realm" => "Restricted access", "require" => "user=jsmith" ) )
}

At this point, all that’s left to do is to restart lighttpd. The next time you access http://reports.example.com, you will be prompted for credentials.

Discussion

Enter your comment. Wiki syntax is allowed:
U F Q J K
 
linux_faq/виртуальные-пользоваватели-lighttpd-how-to-use-authentication-with-lighttpd-htpasswd.txt · Last modified: 2015/04/09 14:08 (external edit)