Add Protected Web Directory

3 posts / 0 new
Last post
#1 Tue, 10/25/2005 - 12:13

Add Protected Web Directory

Problem with adding Protected Web Directory Virtualmin Pro 2.90, FC3, fresh install 20051024

Following the process below the directory did not end up being protected. I'm pretty sure it is related to "AllowOverride All" not getting set in httpd.conf for the Virtual site.

Here's the steps I followed:

login to Webmin as the user of the virtual site

goto Others tab select Key icon for Protected Web Directories Shows No protected directrories have been defined yet. click Add protection for a new directory select Directory Path /home/somebody/public_html/phpmyadmin accepted File Containing users = Choos automatically accepted File containing groups = None accepted Password encryption = Unix crypt set Authentication realm to PHPMyAdmin accepted Users to allow = All users in file

select Create button

shows the protected directory and No users have been defined yet.

select Add a new user.

enter Username as somebody accept Enabled = Yes enter Password as xxxxxxx

select Create button

From here I went to another browser window and attempted to login to the /phpmyadmin directory and it went in without the authentication box. Tryed restarting Apache, no change.

Manaully edited httpd.conf and added "AllowOverride All" in the directory section of the correct Virtual server. Then restarted Apache and everything worked as expected.

Was there a step that I somehow missed in going through the Webmin process for Adding Protected Directory or is the program missing the update to httpd.conf?

I managed to get it working via the manual edit, but that seems a bit scary. I hesitated to add this as a Bug since I'm still learning, and I didn't want to cry wolf.

Cheers, Mark

Wed, 10/26/2005 - 03:15
Joe's picture

Hey Mark,

Nah, it's a bug. It ought to "Just Work" and it didn't. ;-)

We'll get it fixed in the next version. You can modify the template for Apache to fix it for new domains in the interim (or you can do it manually the way you've done). You probably don't actually want "AllowOverride All" though, for untrusted users. You may just want to add AuthConfig, and possibly a few others.

This is probably worth hashing out a good sensible default for. Anyone have opinions on what the default override'able options ought to be?


Check out the forum guidelines!

Wed, 10/26/2005 - 13:25

Mark. You have anything to do with Marken INternational ? :) hmmmmmmmmmmmmmmmmmmm

Topic locked