Own a web server,
create and test your own local homepage or for a whole LAN.
Everything without a space limit, but with CGI and password
security. No Problem - Apache has been already installed.
Apache is the most
used web server in the Internet. The reasons for this are the
stability and the excellent properties when high traffic occurs.
The web server is normally activated during the boot process as a
deamon and runs without a significant load on the system in the
background. The easiest way to see if the server is already
running on your system might be to look at, in Netscape (or
Arena, Lynx ...) the page http://localhost. If apache was installed, a default page
should appear. If not, apache needs to be installed. The rpm
package is included in the SUSE-distribution and should also be
available for and used in any other distribution. The source code
is available at http://www.apache.org.
Apache offers the possibility to
restrict with a password the access for single subdirectories.
The configuration therefore is very easy.
First you should create a
subdirectory where the restricted access files will be located:
>> mkdir /usr/local/httpd/htdocs/secure
Then you switch on
the support for password security in the configuration file. You
have to enter the following text in the file /etc/httpd/access.conf
| File /etc/httpd/ac cess.conf
|
# This controls which options the .htaccess
files in directories can
# override. Can also be "All", or any
combination of "Options", "FileInfo",&
nbsp;
# "AuthConfig", and "Limit" AllowOverride
AuthConfig
|
Now you have to create a file
where the passwords are saved. This file owns the corresponding
password for every user and should be placed at /usr/local/httpd/.
The creation of the file we want to
call "users" happens as follows. To create the password
for the user martin you execute:
>> htpasswd -c /usr/local/httpd/users martin
The program asks for a password
that is saved encrypted in the file "users". If you
want to add passwords for other users, the syntax is the same but
without the option "-c" (for create) since we already
created the file.
Inside of the
directory that has to be secure, you create the file with the
name .htaccess that handles
the password request for this directory:
| File /usr/local/ht tpd/htdoc/secure/.htaccess
|
AuthName "restricted
stuff"
AuthType Basic
AuthUserFile /usr/local/httpd/users require
user martin
# here you list the users
# who are separated by spaces
|
After a restart of the apache
server with :
>> /sbin/init.d/apache restart
,the password request should
appear if you want to see the secure directory with the web
browser.
Everyone knows
about the forms you could fill out in the Internet if you applied
for a service or wrote into a guestbook. These forms are usually CGI programs (Common
Gateway Interface). These read out the entered data and generate
the corresponding html pages. Of course, apache supports these
also and is configured to execute programs and scripts that are
in the directory /usr/local/httpd/cgi-bin as CGI scripts.
A big collection of scripts can be found at http://www.cgi-resources.com/ .
If you wanted to execute scripts even though they are not inside
of this directory (this may happen if you mirror your Internet
sites locally and want the CGI scripts to still be executable)
then you would need to make some changes in the file /etc/httpd/srm.conf
.
If you want to execute CGI scripts that are in the subdirectory
"NetMag/cgi-bin" which you find at "/usr/local/httpd/htdocs/NetMag",
a simple entry into the file /etc/httpd/srm.conf should do the trick:
| File /etc/httpd/sr m.conf |
#
ScriptAlias: This controls which directories contain
server scripts.
# Format: ScriptAlias fakename realname ScriptAlias /cgi-bin/ "/usr/local/httpd/cgi-bin/"
ScriptAlias /NetMag/cgi-bin/ "/usr/local/httpd/htdocs/NetMag/cgi-bin/"
|
The first four lines should
already be there and you just have to append the last line. Of
course you have to fit the paths to your local file structure. To
make the changes work, you have to restart the web server again
with:
>> /sbin/init.d/apache
restart
and now the scripts should work.
