Diego

Live as if you were to die tomorrow. Learn as if you were to live forever. Mahatma Gandhi

1 minute read

Note: This is an RHCE 7 exam objective. It has been renamed in June 2016 from “Configure private directories” to “Configure access restrictions on directories” without any particular change.

Prerequisites

First, follow the instructions to install an Apache web server.

Then, create a private directory (called here private):

# cd /var/www/html 
# mkdir private
# echo "This is a test." > private/index.html
# restorecon -R .

There are several ways to restrict access to this directory:

1) host-based private directories

To only allow the test.example.com host (add the name/IP address in the /etc/hosts file if necessary) to access a specific directory (here private), edit the /etc/httpd/conf/httpd.conf file and paste the following lines at the end:

<Directory "/var/www/html/private">
AllowOverride None
Options None
Require host test.example.com
</Directory>

Check the configuration file:

# apachectl configtest
Syntax OK

2) user-based private directories

To only allow me to access a specific directory (here private), edit the /etc/httpd/conf/httpd.conf file and paste the following lines at the end:

<Directory "/var/www/html/private">
AuthType Basic
AuthName "Password protected area"
AuthUserFile /etc/httpd/conf/passwd
Require user me
</Directory>

Check the configuration file:

# apachectl configtest
Syntax OK

Create the passwd file and store me‘s password:

# htpasswd -c /etc/httpd/conf/passwd me
New password: your password
Re-type new password: your password
Adding password for user me
# chmod 600 /etc/httpd/conf/passwd
# chown apache:apache /etc/httpd/conf/passwd

Note: The .htpasswd file can be used locally instead of the httpd.conf file in 1) and 2) for the same purpose.

Whatever the option chosen, restart the httpd service:

# systemctl restart httpd

Configuration Check

Check the httpd service:

# yum install -y curl
# curl -u user:password http://localhost

or

# yum install -y elinks
# elinks http://localhost/private

Useful Tip

If you forget the syntax of some Apache directives, install the httpd-manual package and browse the documentation in the /usr/share/httpd/manual/howto directory:

# yum install -y httpd-manual
# elinks /usr/share/httpd/manual/howto/auth.html

Thanks to Jeromeza for this tip.

Leave a comment

You may also enjoy