Author Photo

Ahmer's SysAdmin Recipes is a blog for Linux System Administrators. This blog provides recipes for Installation & Configuration of Linux, Ubuntu, Oracle Database, MySQL, Apache, Nginx, Oracle Cloud Control, FreeIPA, Kerberos & OpenLDAP, Subversion, PXE, DevOps, etc. over Red Hat Enterprise Linux (RHEL), CentOS, Ubuntu and Windows.

Please give me your feedback and help me improve this blog. Please let me know If you want me to write on a specific topic.

Tuesday, 12 April 2016

Configure Basic Authentication with Apache HTTP Server

Configure Basic Authentication with Apache HTTP Server1Sometimes we have sections of websites (especially admin panels), that we don’t want to be accessed by public. Most of the web applications have their own authentication methodology but we can also create another layer of security by means of Basic Authentication with Apache HTTP Server.

In this article, we will enable Basic Authentication for the setup directory of phpMyAdmin application with Apache HTTP Server.

Read Also: Deploy phpMyAdmin on LAMP Server

 

System Specification:

We have a preconfigured LAMP Server, and we have deployed phpMyAdmin application on it.

Hostname: lampserver.example.com
IP Address: 192.168.79.130/24
Operating System: CentOS 7.0 Server
Web Server: Apache/2.4.6

 

Configure Basic Authentication:

First of all, we must create a password file that Apache can read. For this purpose, we can use htpasswd command. htpasswd command is packaged with httpd-tools package. However, you may found it in apache2-utils package while installing on other Linux distros.

Check if required packages are already installed on the Server.

[root@lampserver ~]# rpm -qa | grep httpd
httpd-tools-2.4.6-40.el7.centos.x86_64
httpd-2.4.6-40.el7.centos.x86_64
[root@lampserver ~]#

Since, we have a preconfigured LAMP Server, therefore, the httpd-tools package is already installed on our machine.

Create password file and add two users. Omit the –c option while adding the second user to already created .htpasswd file, or it will overwrite the file.

[root@lampserver ~]# htpasswd -c /var/www/html/phpmyadmin/setup/.htpasswd ahmer
New password:
Re-type new password:
Adding password for user ahmer
[root@lampserver ~]# htpasswd /var/www/html/phpmyadmin/setup/.htpasswd mansoor
New password:
Re-type new password:
Adding password for user mansoor

Check contents of the password file.

[root@lampserver ~]# cat /var/www/html/phpmyadmin/setup/.htpasswd
ahmer:$apr1$OLXoiAD6$gtz1kEOcGXXSPVTHARTBt1
mansoor:$apr1$W1rsynDg$VLbBWc2neqIq3W3LHmfuo1
[root@lampserver ~]#

As you know, we can alternatively define Apache directives at various locations like

a) in httpd.conf file,
b) in a separate .conf file created within /etc/httpd/conf.d directory, or
c) override by using a .htaccess file.

If you have set Allow Override for your web site than you can implement Basic Authentication using .htaccess file. One advantage of .htaccess is that, it won’t require the httpd service to restart after configuration. So, for a busy web server, this technique is better.

[root@lampserver ~]# cat >> /var/www/html/phpmyadmin/setup/.htaccess << EOF
> AuthType Basic
> AuthName "Restricted Content"
> AuthUserFile /var/www/html/phpmyadmin/setup/.htpasswd
> Require valid-user
> EOF

[root@lampserver ~]#

Now, try to access the URL http://192.168.79.130/phpmyadmin/setup/ using your browser. it will ask you for authentication.

Apache Basic Authentication Login

Now, you have to login with a valid user and password to get access to this section of website.

phpMyAdmin Homepage

Basic Authentication with Apache web server has been configured successfully.

Configure Basic Authentication with Apache HTTP Server


YOU MIGHT ALSO LIKE:

No comments:

Post a Comment