CSC

CRIPTOGRAFIE ȘI SECURITATE CIBERNETICĂ

 

Laborator

6. Securitatea comunicațiilor web


HOME : Apache httpd


Apache httpd : Basic Authentication
 
Set Basic Authentication to limit access on specific web pages.
[1]
Username and password are sent with plain text on Basic Authentication,
so Use secure connection with SSL/TLS setting, refer to here.
[2] Configure httpd.
For example, set Basic Authentication to the directory [/var/www/html/auth-basic].
[root@www ~]#
vi /etc/httpd/conf.d/auth_basic.conf
# create new

<Directory /var/www/html/auth-basic>
    SSLRequireSSL
    AuthType Basic
    AuthName "Basic Authentication"
    AuthUserFile /etc/httpd/conf/.htpasswd
    Require valid-user
</Directory> 

# add a user : create a new file with [-c]

[root@www ~]#
htpasswd -c /etc/httpd/conf/.htpasswd fedora

New password:    
# set password

Re-type new password:
Adding password for user fedora
[root@www ~]#
mkdir /var/www/html/auth-basic

[root@www ~]#
systemctl restart httpd
# create a test page

[root@www ~]#
vi /var/www/html/auth-basic/index.html
<html>
<body>
<div style="width: 100%; font-size: 40px; font-weight: bold; text-align: center;">
Test Page for Basic Authentication
</div>
</body>
</html>
[3] Access to the test page from any client computer with web browser. Then authentication is required as settings, answer with a user added in [1].
[4] That's OK if authentication is successfully passed and test page is displayed normally.

...

 

 

 

CSC

curs,laborator,

proiect,referat

Master - RCC

an 2

(FIESC)