Hi guys,
I've just realised that the Password Protected Directories modules of Webmin / Virtualmin don't work as expected with a LEMP install. The whole .htaccess / .htpasswrd system only applies to Apache. As far as I can tell, the modules still try and do things the "Apache" way on a nginx install and there's no warnings to indicate it isn't working. Unless I've missed something?
There is a fairly straightforward way of implementing protected directories in nginx by creating a .htpasswd file, adding the protected directory as a location to the server{} block of nginx/conf.d/domain.conf and using auth_basic: https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-h...
Is it possible to add this functionality to the module to allow it to differentiate between Apache / nginx installs and work correctly in LEMP installs? And until then, could you add some kind of safeguard to prevent the modules (and any other features that rely on .htaccess / .htpasswd) from working on nginx installs?
Cheers
Comments
Submitted by menathor on Fri, 03/15/2019 - 22:29 Comment #1
Submitted by JamieCameron on Sat, 03/16/2019 - 20:27 Comment #2
That's a good suggestion .. we'll look into this.