linux_wiki:configure_access_restrictions_on_directories

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
linux_wiki:configure_access_restrictions_on_directories [2018/04/07 23:18]
billdozor [Setup Directory and SELinux] 		linux_wiki:configure_access_restrictions_on_directories [2019/05/25 23:50] (current)
Line 12: Line 12:
   * server1.example.com (192.168.1.150) -> Perform all connectivity tests from here   * server1.example.com (192.168.1.150) -> Perform all connectivity tests from here
   * server2.example.com (192.168.1.151) -> Install Apache Web Server here   * server2.example.com (192.168.1.151) -> Install Apache Web Server here
 +
 +**Previous Sections Completed**
 +  * [[linux_wiki:network_services_overview_apache_web_server|Install/Configure]]
 +    * Except leave listening on port 80/tcp
 +  * [[linux_wiki:configure_a_virtual_host|Virtual Host Config]]
  
 ---- ----
Line 27: Line 32:
   ErrorLog logs/redsite-error_log   ErrorLog logs/redsite-error_log
   CustomLog logs/redsite-access_log combined   CustomLog logs/redsite-access_log combined
 +  
 +  <Directory "/data/redsite">
 +    Options None
 +    AllowOverride None
 +    Require all granted
 +  </Directory>
 </VirtualHost> </VirtualHost>
 </code> </code>
Line 68: Line 79:
  
 \\ \\
-Create a private file+Create a private index file
 <code bash> <code bash>
-echo "This is for certain people only." > /data/redsite/private/secret.txt+echo "This is for certain people to view only." > /data/redsite/private/index.html
 </code> </code>
  
Line 88: Line 99:
 restorecon -Rv /data/redsite/ restorecon -Rv /data/redsite/
 </code> </code>
 +  * Reminder: man semanage-fcontext  (EXAMPLE at the bottom)
  
 ===== Restrict Access ===== ===== Restrict Access =====
  
-Change document root +**Help**: Available if you installed 'httpd-manual'<code bash>elinks /usr/share/httpd/manual/howto/auth.html</code>
-<code bash> +
-vim /etc/httpd/conf/httpd.conf +
- +
-DocumentRoot "/var" +
-</code>+
  
 \\ \\
-Allow an "AuthConfig" override (htaccess file) for the /var/user1dir file+Create password for the user
 <code bash> <code bash>
-<Directory /var/user1dir> +htpasswd -c /etc/httpd/conf/userdb user1
-  AllowOverride AuthConfig +
-</Directory>+
 </code> </code>
 +  * Prompted for a password
  
 \\ \\
-Create htaccess file in user1's directory +Edit the vhosts.conf file and add this additional Directory part in the redsite virtualhost 
-<code bash> +<code bash>vim /etc/httpd/conf.d/vhosts.conf
-vim /var/user1dir/.htaccess+
  
-AuthType Basic +<VirtualHost *:80> 
-AuthName "Password Protected Private Dir - Enter Login Credentials:" +  ServerName redsite.example.com 
-AuthUserFile "/etc/httpd/conf/.userdb" +  DocumentRoot /data/redsite 
-Require user valid-user +  #....SNIP....#
-</code>+
  
-\\ +  <Directory "/data/redsite/private"
-Create password for the user +    AuthType Basic 
-<code bash> +    AuthName "Restricted Area" 
-htpasswd -c /etc/httpd/conf/.userdb user1 +    AuthUserFile "/etc/httpd/conf/userdb" 
-</code+    Require valid-user 
-  * Prompted for a password +  </Directory> 
- +</VirtualHost>
-\\ +
-Change permissions on the userdb file +
-<code bash> +
-chown :apache /etc/httpd/conf/.userdb +
-chmod 640 /etc/httpd/conf/.userdb+
 </code> </code>
  
Line 140: Line 139:
 Visit restricted directory Visit restricted directory
 <code bash> <code bash>
-elinks http://testsite.example.com/user1dir+elinks http://redsite.example.com/private/
 </code> </code>
   * elinks may need to be installed first (yum install elinks)   * elinks may need to be installed first (yum install elinks)
  • linux_wiki/configure_access_restrictions_on_directories.1523157506.txt.gz
  • Last modified: 2019/05/25 23:50
  • (external edit)