←July→
| Sun |
Mon |
Tue |
Wed |
Thu |
Fri |
Sat |
| |
|
1 |
2 |
3 |
4 |
5 |
| 6 |
7 |
8 |
9 |
10 |
11 |
12 |
| 13 |
14 |
15 |
16 |
17 |
18 |
19 |
| 20 |
21 |
22 |
23 |
24 |
25 |
26 |
| 27 |
28 |
29 |
30 |
31 |
|
|
|
|
Thu, Jun 12, 2025 9:34 pm
Changing a user's password in an htpasswd file or deleting a user from the file
An .htpasswd
file can be used to control access to specific directories that
visitors to a web server can access when the web server is an Apache web
server. Entries in the file can be added, modified, or deleted using
the htpasswd utility, which may be in the /bin directory
on a Linux sysem.
To update a password for a user listed in an .htpasswd file, a command
in the form htpasswd htpasswdFileLocation user
where htpasswdFileLocation is the location and name for the
.htpassword file on the system and user is a specific user listed
in that file. The htpasswd utility will prompt for a new password and
then prompt you to retype it to ensure there has not been a typo when
the new password was provided. E.g.:
# htpasswd /home/jdoe/music/.htpasswd mary
New password:
Re-type new password:
Updating password for user mary
#
If you wish to delete an entry for a user in the .htpasswd file, you can
use a command in the form htpasswd -D htpasswdFileLocation
user. The -D indicates the entry for the user
should be deleted. The response will indicate the password for the user
was deleted, which is true, but that indicates the entire entry for that
user was removd from the file. E.g.:
# htpasswd -D /home/jdoe/music/.htpasswd manny
Deleting password for user manny
#
Related
-
Apache AllowOverride AuthConfig
Directive
Date: May 13, 2008
[/network/web/server/apache]
permanent link
Mon, Mar 07, 2016 10:48 pm
Determining the modules which are loaded in Apache
The
Apache HTTP server software supports many features
via
compiled
modules which extend the core functionality of the web server software.
Modules support various authentication methods,
URL
rewriting,
proxying, etc. You can check on what modules are loaded
using the command
httpd -t -D DUMP_MODULES or with PHP using
apache_get_modules().
[ More Info ]
[/network/web/server/apache]
permanent link
Fri, Jan 22, 2016 5:12 pm
New site - You don't have permission to access / on this server
After adding a VirtualHost section to
/etc/httpd/conf/httpd.conf
on an Apache web server, when I tried accessing the site I saw the message
below:
Forbidden
You don't have permission to access /
on this server.
I'd encountered the problem in the past when there was a problem with
permissions on the user's home directory. I didn't see any log files for the
site in the directory under the user account, either, where the
ErrorLog and CustomLog directives in the
VirtualHost section for the website should have placed them. I checked the
access for the user's home directory and found that the only access to that
directory was read, write, and execute access for the user's account.
# ls -ld /home/jim
drwx------ 5 jim jim 4096 Jan 22 21:44 /home/jim
When I added "search" access for the group and all users to the user's home
directory from the root account, I was able to access the website from a
browser.
I.e., the cause of the problem had been the same as the last time I
encountered the error message.
[/network/web/server/apache]
permanent link
Sun, Nov 09, 2014 10:54 am
Determining when Apache was last restarted
If you need to determine the time that an Apache web server was last restarted,
you can look for the word "resuming" in the Apache error log file. On a CentOS
Linux system, you can use the command
grep resuming
/var/log/httpd/error_log.
# grep resuming /var/log/httpd/error_log
[Sun Nov 09 03:29:02.631763 2014] [mpm_prefork:notice] [pid 20663] AH00163: Apac
he/2.4.6 (CentOS) configured -- resuming normal operations
[/network/web/server/apache]
permanent link
Wed, Nov 05, 2014 10:38 pm
You don't have permission to access / on this server error
After adding a virtual host section for a website to Apache's
httpd.conf file on a Linux system, I restarted Apache and tried
viewing the website with a browser. Instead of seeing the home page for the
site, I saw:
Forbidden
You don't have permission to access / on this server.
When I looked in the error log for the site, I saw the following:
[Wed Nov 05 21:27:30.519520 2014] [core:error] [pid 4471] (13)Permission denied: [client 207.255.181.210:1604] AH00035: access to / denied (filesystem path '/home/jdoe/public_html') because search permissions are missing on a component of the path
[Wed Nov 05 21:27:31.179045 2014] [core:error] [pid 4471] (13)Permission denied: [client 207.255.181.210:1604] AH00035: access to /favicon.ico denied (filesystem path '/home/jdoe/public_html') because search permissions are missing on a component of the path
Checking the public_html directory and the directories
beneath it, I saw that owner, group, and world all had "execute" access,
i.e., the capability to search through the directories.
$ ls -ld public_html
drwxrwxr-x. 14 jdoe jdoe 4096 Nov 5 21:04 public_html
But, checking the user's home directory I found there was no access to it
except for the owner. When I changed that access to grant search access
to other accounts in the same group and all accounts, then the website became
visible.
$ chmod ga+x /home/jdoe
$ ls -ld /home/jdoe
drwx--x--x. 13 jdoe jdoe 4096 Nov 5 21:17 /home/jdoe
You can check the permissions on a directory and the directories
above it up to the root directory with just one command using
the namei -m command in the form namei -m
/path_to_directory/dirname. E.g.:
$ namei -m /home/jdoe/public_html
f: /home/jdoe/public_html
drwxr-xr-x /
drwxr-xr-x home
drwx--x--x jdoe
drwxrwxr-x public_html
[/network/web/server/apache]
permanent link
Wed, Mar 19, 2014 11:17 pm
AuthUserFile not allowed here
After setting up a redirect similar to the following in an .htaccess file in
a directory, I found that I would get a
500 Internal Server Error
with the message "The server encountered an internal error or
misconfiguration and was unable to complete your request." whenever I tried
to access a file in a password-protected subdirectory beneath the one
in which I had created the .htaccess file to have the Apache server
redirect visitors accessing an old .html file that I had replaced with a
.php one.
Redirect 301 /dir1/dir2/example.html /dir1/dir2/example.php
In the Apache error log for the website, I saw the following:
[Wed Mar 19 21:05:17 2014] [alert] [client 192.168.0.10] /home/jdoe/public_html/dir1/dir2/dir3/.htaccess: AuthUserFile not allowed here, referer: http://support.moonpoint.com/dir1/dir2/example.php
That error log entry was created when I clicked on a link I had
in example.php to access a file in the directory dir3, which was below the
one in which example.php was located.
To allow the redirect to work, I had inserted the following code in
the VirtualHost section for the website within Apache's
/etc/httpd/conf/httpd.conf file.
<Directory /home/jdoe/public_html/dir1/dir2>
AllowOverride FileInfo
</Directory>
The .htaccess file for controlling access to the subdirectory
dir1/dir2/dir3 had worked fine until I created another
.htaccess file above it in dir2 for the redirect. The one for controlling access
to dir3 with a username and password was similar to the following:
AuthUserFile /home/jdoe/public_html/.htpasswd-test
AuthGroupFile /dev/null
AuthName Testing
AuthType Basic
Require user test1
Because it contained AuthUserFile and
AuthGroupFile, but I didn't specify AuthConfig
within the <Directory> section for the virtual host
in the httpd.conf file, but only FileInfo
for AllowOverride, the authorization control no longer
worked. When I changed the AllowOverride line to that
shown below and restarted Apache with apachectl restart
then both the redirect for the file in dir2 and the HTTP
basic access
authentication method for files in the subdirectory dir3
beneath dir2 both worked.
<Directory /home/jdoe/public_html/dir1/dir2>
AllowOverride AuthConfig FileInfo
</Directory>
I had forgotten that by limiting AllowOverride to just
FileInfo for dir2, I was effectively nullifying any other
type of overrides in any subdirectores beneath it.
References:
-
Apache Core Feartures
Apache HTTP Server Project
[/network/web/server/apache]
permanent link
Sun, Mar 09, 2014 4:04 pm
Redirecting a URL on an Apache Web Server
If you are using an Apache webserver and you need to redirect visitors to
a webpage to another webpage, instead, one method of doing so is to use a
server-side redirect, which can be accomplished by inserting a redirect in
an .htaccess file, to the new page.
[ More Info ]
[/network/web/server/apache]
permanent link
Sun, Aug 08, 2010 1:45 pm
Restricting Access to an Apache Virtual Host
To restrict access to an Apache Virtual Host
by IP address, you will need to have the
mod_authz_host module loaded in the Apache configuration file
httpd.conf, which can usually be found at
/etc/httpd/conf/httpd.conf on
a Linux system. To determine if it is loaded, look for a line similar to the
following in the configuration file:
LoadModule authz_host_module modules/mod_authz_host.so
You can restrict access to a website that is set up as a virtual host by
including information on what IP addresses should have access to documents
on the website in a directory section Directory as shown below.
<VirtualHost *:80>
ServerName example.com
ServerAlias www.example.com
ServerAdmin webmaster@example.com
DocumentRoot /home/www/example
ErrorLog /home/www/example/logs/error.log
CustomLog /home/www/example/logs/transfer.log common
<Directory /home/www/example>
Order Deny,Allow
Deny from all
Allow from 192.168 127.0.0.1
</Directory>
</VirtualHost>
In the case above, access to the document root of the website, i.e., all
documents on the website, is restricted to allow access only from IP addresses
beginning with 192.168 and 127.0.0.1, which is the "localhost" address, meaning
the address of the server itself. Anyone trying to access example.com
from any other IP address would see the default webpage for the server, if any,
not the example.com website.
References:
-
Access Control
The Apache HTTP Server Project
-
Apache Module mod_authz_host
The Apache HTTP Server Project
-
Learn how to configure Apache
Date: September 29, 2003
TechRepublic Articles
[/network/web/server/apache]
permanent link
Tue, Jun 02, 2009 10:43 pm
Active Log Monitor
If you want to view access to your website in realtime, i.e. see
what pages are being accessed as they are being accessed, you can
use the Active Log Monitor PHP script.
[ More Info ]
[/network/web/server/apache]
permanent link
Tue, Jun 02, 2009 5:11 pm
Apache Access Log Format
If you use the common log format for websites that reside on an Apache
webserver, you may not see the referer and agent, e.g. information on
visitors' web browsers, logged. You can switch to the combined log format
to have the additional information logged.
[ More Info ]
[/network/web/server/apache]
permanent link
Privacy Policy
Contact
