TechRepublic|Forums|Security

Security

General discussion

  • Creator
    Topic
  • November 22, 2005 at 12:04 am #2178246

    Can i have more than one authuserfile

    Locked

    by workman_m · about 16 years, 6 months ago

    I have a bunch of domains running on a server. I wanted to have an htaccess file that was a master and included all the usernames and passwords of administrators….and then one unique to each domain
    I had hoped that i could have multiple authuserfiles that would be searched…but i cannot find any examples on the net… Can you have more than one line in an htaccess file for the AUTHUSERFILE?

    Topic is locked This conversation is currently closed to new comments.
  • Creator
    Topic

All Comments

  • Author
    Replies
    • November 26, 2005 at 8:04 pm #3043947

      Reply To: Can i have more than one authuserfile

      by toivo talikka · about 16 years, 6 months ago

      In reply to Can i have more than one authuserfile

      According to Apache documentation at http://httpd.apache.org/docs/2.0/howto/htaccess.html, .htaccess file is a “distributed configuration file” which is used and accessed on a per-directory basis. Please also note in the same context that “In general, you should never use .htaccess files unless you don’t have access to the main server configuration file.”

      There is a tutorial at http://hoohoo.ncsa.uiuc.edu/docs/tutorials/user.html which shows how to use AuthUserFile and AuthGroupFile, if that helps.

      If you can set up one .htaccess file per directory or domain, you can have also have multiple AuthUserFiles in the system.

      If the administrators access the directories from inside your LAN, you can set up a second virtual host for the directory and link it to another internal IP address. When you define the entry for the virtual hosts, you can include the AuthUserFile directive there, instead of using the .htaccess file.

      Therefore ordinary users accessing the domain from outside the LAN using one internal IP address would be authenticated against one set of usernames in the file specified in the AuthUserFile entry and the administrators accessing the domain from inside the LAN using the second internal IP address would be authenticated against another set of usernames in the text file specified in the AuthUserFile entry in their settings.

      I have not tested it but you may be able to get away with setting up the AuthUserFile for the administrators in if the other users have access only to subdirectories under the document root.

  • Author
    Replies
Viewing 0 reply threads