Difference between revisions of "Protect some page with password"

From Kolmisoft Wiki
Jump to navigationJump to search
(Created page with '=About= This is an <u>advanced</u> configuration, most probably your desired setup can be achieved with accountant permissions. ==How to protect some…')
 
Line 16: Line 16:
1. Create an Apache password file:
1. Create an Apache password file:


  htpasswd -c -b -m /home/mor/custome_areas_htpasswd admin your_password
  htpasswd -c -b -m /home/mor/custom_area_htpasswd admin your_password


2. Open Apache configuration:
2. Open Apache configuration:
Line 42: Line 42:
   AuthType Basic
   AuthType Basic
   AuthName "MOR"
   AuthName "MOR"
   AuthUserFile /home/mor/custome_areas_htpasswd
   AuthUserFile /home/mor/custom_area_htpasswd
   Require valid-user
   Require valid-user
  </Location>
  </Location>
Line 49: Line 49:
   AuthType Basic
   AuthType Basic
   AuthName "MOR"
   AuthName "MOR"
   AuthUserFile /home/mor/custome_areas_htpasswd
   AuthUserFile /home/mor/custom_area_htpasswd
   Require valid-user
   Require valid-user
  </Location>
  </Location>

Revision as of 08:33, 17 August 2011

About

This is an advanced configuration, most probably your desired setup can be achieved with accountant permissions.


How to protect some page/actions using simple Apache password?

For this example we will setup Apache to not allow Calling Cards Batch management and to do a manual payment for card without an additional password. For these actions are used these addresses in MOR:


http://YOUR_IP/billing/cards/act?cg=3

and

http://YOUR_IP/billing/cards/card_pay/22?cg=3

1. Create an Apache password file:

htpasswd -c -b -m /home/mor/custom_area_htpasswd admin your_password

2. Open Apache configuration:

cd /etc/httpd/conf/
mcedit httpd.conf
and edit to look like this:
RewriteCond %{REQUEST_URI} !^/billing/public
RewriteRule ^/billing(/.*)?$   /billing/public
<Directory /var/www/billing/public/>
 Options ExecCGI FollowSymLinks
 AllowOverride All
 Allow from all
 Order allow,deny 
</Directory>
<Directory /var/www/html/stats/>
 AddHandler cgi-script .pl
 Options +ExecCGI
 DirectoryIndex index.pl
</Directory>

<Location "/billing/cards/act">
 AuthType Basic
 AuthName "MOR"
 AuthUserFile /home/mor/custom_area_htpasswd
 Require valid-user
</Location>

<Location "/billing/cards/card_pay">
 AuthType Basic
 AuthName "MOR"
 AuthUserFile /home/mor/custom_area_htpasswd
 Require valid-user
</Location>