Implement website access security for internal/external users
e-smith release: 4.1.x
Author: Darrell May
Problem: You want to restrict access to your website (or even individual website subdirectories) by forcing an SSL connection and requiring username/password authentication for internal and external users.
Solution: Customize /etc/httpd/conf/httpd.conf and implement an encrypted password access file using the htpasswd command.
Step 1: Create a custom entry for the /etc/httpd/conf/httpd.conf file.
This requires creating a /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf fragment that meets your needs. In this example I have created an ibay named test and wish to restrict access to two users. You need to create the template fragment, expand the template, restart httpd and then create the AuthUserFile.
Copy and paste the section below and save the file. What we are doing is forcing SSL by using the RequireSSL directive and forcing authorization via the Auth* directives.
Step 2: Expand the template and restart the httpd service
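Step 3: Create the AuthUserFile
The first line uses the -c option, which creates the file. The -b option tells the command that the user's password is included on the command line. Subsequent commands must not use -c, or the file will be overwritten rather than updated. Because -b puts the password on the command line, it is visible in the shell history and in the process list while the command runs.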
/usr/bin/htpasswd -cb /etc/httpd/conf/htpasswd.test user1 password1
To view the results, simply look at the file you created. It contains the usernames entered and their encrypted passwords.
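A scripted version of that inspection, as an added example that is not part of the original how-to: it confirms that every expected user is still present (an accidental second -c leaves only the last one), that each entry is a well-formed user:hash pair, and that the file is not world-readable. It goes beyond the text by also classifying the hash format; the function name audit_htpasswd, the finding labels and the sample hash are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit an htpasswd AuthUserFile (names and labels are illustrative).
# usage: audit_htpasswd FILE [EXPECTED_USER ...]
# Prints one finding per line. Returns 0 if clean, 1 if flagged, 2 if unreadable.
audit_htpasswd() {
    file=$1; shift
    [ -r "$file" ] || { echo "ERROR cannot read $file"; return 2; }
    rc=0

    # Every entry must be user:hash, and each user should appear once.
    out=$(awk -F: '
        $0 == "" { next }
        NF < 2 || $1 == "" || $2 == "" { print "MALFORMED line " NR; next }
        seen[$1]++ { print "DUPLICATE " $1 }
        index($2, "$apr1$") == 1 { next }                        # salted MD5
        substr($2, 1, 2) == "$2" { next }                        # bcrypt
        index($2, "{SHA}") == 1 { print "WEAK-SHA1 " $1; next }  # unsalted SHA-1
        length($2) == 13 { print "WEAK-CRYPT " $1; next }        # crypt(): 8-char limit
        { print "UNRECOGNISED " $1 }                             # possibly plain text
    ' "$file")
    [ -z "$out" ] || { echo "$out"; rc=1; }

    # A second "htpasswd -c" overwrites the file, leaving only the last user.
    for user in "$@"; do
        grep -q "^$user:" "$file" || { echo "MISSING $user"; rc=1; }
    done

    # Character 8 of the ls mode string is the "other" read bit.
    case $(ls -ldL "$file" | cut -c8) in
        r) echo "WORLD-READABLE $file"; rc=1 ;;
    esac
    return "$rc"
}

# Constructed sample: the file as it looks after user2 was added with -c by mistake.
demo=$(mktemp)
chmod 640 "$demo"
printf '%s\n' 'user2:$apr1$Cx0nStRc$0123456789abcdefghijk.' > "$demo"
audit_htpasswd "$demo" user1 user2 || true   # prints: MISSING user1
rm -f "$demo"
```

Run it against /etc/httpd/conf/htpasswd.test with the two usernames you created as the expected users.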
Step 4: Give it a try.
Browsing to https://yourdomain.com/test should bring up a login dialog. Enter one of the username/password pairs created above and you should gain access to the web page.