1. Install apache
root@sles #zypper in apache
Loading repository data...
Reading installed packages...
'apache' not found in package names. Trying capabilities.
Resolving package dependencies...
The following NEW packages are going to be installed:
apache2 apache2-prefork apache2-utils libapr-util1 libapr1
The following recommended package was automatically selected:
apache2-prefork
5 new packages to install.
Overall download size: 1.4 MiB. After the operation, additional 3.4 MiB will be used.
Continue? [y/n/?] (y):
Start the daemon and test the http server.
root@sles #service apache2 start
root@sles #apache2ctl -t
Syntax OK
Go to a web browser and enter the server’s IP. Make sure the port 80 is open.
At this point I get an Error 403 - Access forbidden
2. Configure access
Access is forbidden by default in SUSE for security reasons, therefore one must unlock the directories which apache should serve.
The main configuration file is located at /etc/apache2/httpd.conf, and the default server file at /etc/apache2/default-server.conf.
This entry defines the location of your web files:
DocumentRoot "/srv/www/htdocs"
I will change it to
DocumentRoot "/srv/www/ksovi.eu"
and
in /etc/apache2/default-server.conf.
By default the server is looking for an index file. To be able to access the web server I need to create one.
root@sles #touch /srv/www/ksovi.eu/index.html
root@sles #echo test > /srv/www/ksovi.eu/index.html
At this point I no longer see the 403 Error.
4. User directories
To access user directories I need to create a public_html directory in the user’s home and assign it the right permissions
root@sles #mkdir /home/ovi/public_html
root@sles #chmod o+x /home/ovi/public_html
root@sles #chmod o+x /home/ovi/
5. Set up password authentication
You will need to create an .htaccess file (hidden) in the root directory you want to restrict access to, and change the AllowOverride option in the config file.
Edit /etc/apache2/default-server.conf
Change
AllowOverride None
to
AllowOverride AuthConfig
Note: If you want to do this for user directories, change this option in /etc/apache2/mod_userdir.conf
Create the passwords file. Ideally in a location not exported by the web server.
root@sles #htpasswd2 -c /usr/share/apache2/passwd/passwords ovi
New password:
Re-type new password:
Adding password for user ovi
root@sles #
To tell the server to require a user and password, I can do so editing the httpd.conf file, or placing a .htaccess file inside the protected directory.
At the end of httpd.conf place this entry:
<Directory /srv/www/ksovi.eu/>
AuthType Basic
AuthName "Restricted Files"
AuthBasicProvider file
AuthUserFile /usr/share/apache2/passwd/passwords
Require user ovi
</Directory>
Restart the apache2 daemon, and the next time I access the server I am prompted for a username and password.
To use .htaccess you need to create the file in the protected directory and place the same code in it:
root@sles #vi /srv/www/ksovi.eu/.htaccess
AuthType Basic
AuthName "Restricted Files"
AuthBasicProvider file
AuthUserFile /usr/share/apache2/passwd/passwords
Require user ovi
Do not include the <Directory> lines in the .htaccess file.