CGI Authentication - Almost there . .. need a little help

chaos_coa · Regular Joined: Oct 11, 2007 Posts: 50

Hi - I have attempted to do this but so far was unsuccessful.

I have a few questions.

Do I rename the sample files to the 2 files I need:
sample.htaccess and sample.staccess to .htaccess and .staccess ?

That is what I did. (I am testing this locally - I setup ravennuke on a local box using Fedora 7 Linux from scratch - boy - now that was fun )

Ran this on the 2 files listed above:

chmod 777 .htaccess
chmod 777 .staccess

Put the paths in:

/var/www/html/.htaccess

and

/var/www/html/.staccess

Selected Admin CGIAuth from Admin Auth Auth

scanned for new admins

admin auth list

build CGIAuth file

Back to NS ACP in .staccess box clicked link = CGI Auth Setup

I get this:

# -------------------------------------------
# Start of NukeSentinel(tm) admin.php Auth
# -------------------------------------------
<Files .staccess>
deny from all
</Files>

<Files admin.php>
<Limit GET POST PUT>
require valid-user
</Limit>
AuthName "Restricted by NukeSentinel(tm)"
AuthType Basic
AuthUserFile /var/www/html/.staccess
</Files>
# -------------------------------------------
# End of NukeSentinel(tm) admin.php Auth
# -------------------------------------------

I understand that I need to type that Admin name in here? Can you tell me where it goes? I am really bad at looking at an code examples and figuring where something should go?

Then I understand that I open the .htaccess file that I created using the sample.htaccess file and paste the text created by clicking on the CGI Auth Setup into the .htaccess file - chmod .htaccess and .staccess back to 666

Correct?

If you can help me with where the username goes I think I may just have it done !

Whew !

Gremmie · Posted: Mon Dec 10, 2007 8:43 pm

chaos_coa wrote:

Do I rename the sample files to the 2 files I need:
sample.htaccess and sample.staccess to .htaccess and .staccess ?

Yes, that will work.

chaos_coa wrote:

I get this:

# -------------------------------------------
# Start of NukeSentinel(tm) admin.php Auth
# -------------------------------------------
<Files .staccess>
deny from all
</Files>

<Files admin.php>
<Limit GET POST PUT>
require valid-user
</Limit>
AuthName "Restricted by NukeSentinel(tm)"
AuthType Basic
AuthUserFile /var/www/html/.staccess
</Files>
# -------------------------------------------
# End of NukeSentinel(tm) admin.php Auth
# -------------------------------------------

I understand that I need to type that Admin name in here? Can you tell me where it goes? I am really bad at looking at an code examples and figuring where something should go?

No, you need to put the admin login and hashed password in the .staccess file. You don't have to monkey with the above generated text at all. You just paste it over what is already there from the sample .htacess file.

chaos_coa wrote:

Then I understand that I open the .htaccess file that I created using the sample.htaccess file and paste the text created by clicking on the CGI Auth Setup into the .htaccess file - chmod .htaccess and .staccess back to 666

Correct?

Yes.

Just to amplify, your .staccess file should look like this:

Code:

your_admin_login:<hashed password goes here>

There are posts elsewhere in the forum on how to generate the hashed password that goes after the colon in the .staccess file.