Password protect lightsquid and other cgi files

Justinw

This has been brought up once on the board before.  In my particular case, I have need to password protect the lightsquid folder, but don't know how to approach since it doesn't really work with the auth.inc framework  as of now and mod_auth is disabled in lighty.  I did think of using sessions, but I would have to add snippets to every cgi in the lightsquid folder.  Any ideas would be greatly appreciated.

Also, if you have tried to enable mod_auth, please let me know if you were successful in doing so!  I'm thinking that his may be an approach that would suffice for my needs also.

banobi

Edit the file /var/etc/lighty-webConfigurator.conf:

• Add: "mod_auth",

…

modules to load

server.modules              =  (

"mod_access", "mod_accesslog", "mod_auth",
                                  "mod_fastcgi", "mod_cgi"
                                )

...

• Add the text:

…
auth.backend                    = "plain"
auth.backend.plain.userfile  = "/usr/local/www/lightsquid/.htpasswd"

auth.require = ( "/lightsquid" =>
                  (
                    "method"  => "basic",
                    "realm" => "lightsquid",
                    "require" => "user=admin"
                  )
                )
...

Create file .htpasswd:
vi /usr/local/www/lightsquid/.htpasswd

• write the text:

admin:MYSCRETPASSWORD

Restart Lighttpd

• kill process lighttpd

• /usr/local/sbin/lighttpd -f /var/etc/lighty-webConfigurator.conf

Finish
(sorry for my bad english)

dvserg

This is mast be maked as package-installation options. Not-good idea hacking system code.

banobi

Ok

But in any case solved my problem.

dvserg

@BaNoBi:

Ok

But in any case solved my problem.

If developerd adding way, how this correctly change from package, i promise add this to lightsquid Pkg.  :)