|
Root folder www - Access
|
All public pages are served from root folder www (also known as htdocs in a Unix environment). By default this folder is locked down, only allowing local access. Opening up your server for public or intranet access and optionally restricting access using a name and password are described below.
Note 1: This menu option requires an .htaccess file in the root folder www. If this file does not exist your are given an option to create it.
Note 2: If it does not already exist a backup htaccess file (.htaccess_back) is created. This allows the original file to be manually restored.
Overview
Apache > Access and Passwords > Folder www access and passwords
This menu is split into three sections as follows:
- Enter name and password: This section allows you to change the access name and password; the defaults are set to root:root.
- Delete defaults.
- A) Select the name-password pair root:root.
- B) Click "Delete Selected" button.
- Generally for a private server a single name and password are used.
- C) Enter name
- D) Enter password
- E) Click "Add to list" button
- Repeat the above for additonal name-password pairs.
- Enable or Disable Password: Radio buttons enables or disables the use of a password to access root folder www. Default is disabled.
- Apache Server Access: This section allows you to set who can gain access to root folder www. Default is local access only.
|
|
Note 1: Server access is controlled using an .htaccess file. This can be directly edited.
Note 2: Apache does not require restarting all changes take effect immediately.
Background information
There are three ways of restricting access to documents: either by IP address, hostname or by asking for a username and password. The first two are very similar and can be used to restrict access on an intranet. The last option allows users to be restricted on an individual basis using a username and password. This process is commonly referred to as user authentication. The Uniform Server can restrict access using both IP address and user authentication.
Setting up user authentication requires two steps. First you create a file containing a list of usernames and passwords. Secondly you specify what resources are to be protected and which users are allowed to access them. Setting up IP address access requires only server configuration. Server configuration uses an .htaccess file located in the folder it is protecting (root folder www). This allows configuration to take immediate effect and does not require a server restart.
Creating a password file
A list of users and passwords needs to be created in a file. For security, this file must be located outside of the document root. The Uniform Server Zero is pre-configured and uses file: UniServerZ\htpasswd\www\.htpasswd
The file contains a list of name and password pairs, each on a single line.
The name and password are separated using a colon.
The default is root:root
Important default passwords are compromised always delete them.
|
root:root
mike:fred123
john:xyz45
dave_smith:za123
mike smith:good1234
|
Edit or change password
- A) Select existing name-password pair to be changed.
- B) Click "Delete Selected button" removes old name-password. Updates password file.
- Add new name-password see below.
Add name/password pair to list
- C) Enter new name
- D) Enter new password
- E) Click "Add to List" This updates password file.
|
|
Note: The menu provides a convenient way to enter names and passwords. You can edit the file UniServerZ\htpasswd\www\.htpasswd directly using a text editor.
Enable or disable name password access
Server configuration uses an .htaccess file located in root folder UniServerZ\www. It is pre-configured for basic authentication, default is basic authentication disabled. Four lines (Apache directives) in this configuration file control authentication and are edited as follows:
Enable authentication
- G) Click radio button Password enabled
- Alternatively edit file UniServerZ\www\.htaccess and uncomment (remove #) four lines as shown:
AuthName "Uniform Server - Server Access"
AuthType Basic
AuthUserFile ../../../htpasswd/www/.htpasswd
Require valid-user
Disable authentication
- F) Click radio button Password disabled
- Alternatively edit file UniServer\www\.htaccess and comment (add #) to four lines as shown:
#AuthName "Uniform Server - Server Access"
#AuthType Basic
#AuthUserFile ../../../htpasswd/www/.htpasswd
#Require valid-user
|
|
Note: Menu provides a convenient way to enable or disable authentication.
Change Access
Server configuration uses an .htaccess file located in root folder UniServerZ\www. It is pre-configured to allow local access only. Four lines (Apache directives) control who can access to the server. These lines are edited as follows:
Local Access
- H) Click radio button Local Access
- Alternatively edit file UniServerZ\www\.htaccess and uncomment (remove #) four lines as shown:
Order Deny,Allow
Deny from all
Allow from 127.0.0.1
Allow from ::1
Local and Intranet Access
- I) Click radio button Local and Intranet Access
- Alternatively edit file UniServerZ\www\.htaccess and uncomment (remove #) four lines as shown:
Order Deny,Allow
Deny from all
Allow from 127.0.0.1 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8
Allow from ::1
Local, Intranet and Internet Access
- J) Click radio button Local, Intranet and Internet Access
- Alternatively edit file UniServerZ\www\.htaccess and comment (add #) to four lines as shown:
#Order Deny,Allow
#Deny from all
#Allow from 127.0.0.1
#Allow from ::1
|
Deny from all. No one allowed access
Allow from 127.0.0.1 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8 Access is restricted to locahost and Intranet
Allow from 127.0.0.1 Access is restricted to locahost (127.0.0.1) ipv4
Allow from ::1 Access is restricted to locahost (::1) ipv6
Note: The menu provides a convenient way to change and restrict access.
|
--oOo--
|