Tag: htpasswd

  • CPanel SSL Renew on password protected site

    CPanel SSL Renew on password protected site

    We have a site where we host demo websites that we do for our customers. We don’t want search engines to index these sites or strangers to see them. So it is password protected. The problem is Cpanel Auto SSL needs to access URI like /.well-known/ for SSL domain validation. With password protection, SSL domain verification fails and you won’t be able to renew the SSL certificate.

    In this post, I am doing it for domain demo.hostonnet.com with Cpanel username hostond.

    cpanel password protected site ssl

    Redirect HTTP to HTTPS

    I want to force all buy SSL verification requests to get redirected to HTTPS. For this, i created a folder

    mkdir -p /etc/apache2/conf.d/userdata/std/2_4/hostond/demo.hostonnet.com/

    Now create a file

    vi /etc/apache2/conf.d/userdata/std/2_4/hostond/demo.hostonnet.com/force-ssl.conf

    Add following content to it.

    RewriteEngine On 
RewriteCond %{REQUEST_URI} !^/\.well-known/
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]

    This will redirect all requests that do not start with URI .well-known to HTTPS.

    Password Protect site

    Since HTTP only allows domain validation (pages inside folder .well-known) and redirects all other requests to HTTPS, we only need to password protect the HTTPS side of the website.

    First, create a directory

    mkdir -p /etc/apache2/conf.d/userdata/ssl/2_4/hostond/demo.hostonnet.com/

    Create file

    vi /etc/apache2/conf.d/userdata/ssl/2_4/hostond/demo.hostonnet.com/password.conf

    Add following content

    
    AuthType Basic
    AuthName "Restricted Content"
    AuthUserFile /etc/apache2/demo-hon-htpaswd
    Require valid-user

    Setting Password

    HTTP Basic authentication password is stored in file /etc/apache2/demo-hon-htpaswd. To set password, use htpasswd command.

    To create a user, use

    htpasswd -c /etc/apache2/demo-hon-htpaswd admin

    This will create a user with the username “admin”. You will be asked to enter a password.

    Now restart apache

    systemctl restart httpd

    See Cpanel Server

  • Modify Apache Virtual Host for a site in Cpanel Server

    On Cpanel server Apache configuration file get recreated every time you modify or add a new web site. In cause you need to modify VirtualHost entry for a web site hosted in cpanel, you should not edit /etc/apache2/conf/httpd.conf file.

    If you open /etc/apache2/conf/httpd.conf and check virtual host entry for a web site, you will see line like

    # Include "/etc/apache2/conf.d/userdata/std/2_4/USERNAME/DOMAINNAME/*.conf"
# Include "/etc/apache2/conf.d/userdata/ssl/2_4/USERNAME/DOMAINNAME/*.conf"

    in non-ssl and ssl virtual host entry for a domain. To modify virtual host entry, you need to create the folder, then create a file with extension .conf

    Then rebuilt httpd.conf by running

    /usr/local/cpanel/scripts/rebuildhttpdconf

    During rebuild, the script will check for the conf file, if found the line get uncommented (remove # from beginning of Include line).

    For a web site, i need to protect it with password. This is a feature available in cpanel, but i want it done on server side, so no one accidently make this site public by deleting .htacess.

    To do this, i created folders

    mkdir -p /etc/apache2/conf.d/userdata/std/2_4/serverok/demo.serverok.in/
mkdir -p /etc/apache2/conf.d/userdata/ssl/2_4/serverok/demo.serverok.in/

    In this cause, cpanel user name is “serverok” and the web site url is demo.serverok.in

    I created .conf file in both folders

    vi /etc/apache2/conf.d/userdata/std/2_4/serverok/demo.serverok.in/password.conf
vi /etc/apache2/conf.d/userdata/ssl/2_4/serverok/demo.serverok.in/password.conf

    Add content

    
    AuthType Basic
    AuthName "Restricted Content"
    AuthUserFile /etc/apache2/serverok-htpaswd
    Require valid-user


Now rebuild httpd.conf with


    /usr/local/cpanel/scripts/rebuildhttpdconf

    

    Restart Apache with
    

    systemctl restart httpd

    

    Now when i visit the web site, it ask for password. We have not yet created password file, so create it with
    

    htpasswd -b -c /etc/apache2/serverok-htpaswd USERNAME_HERE PASSWORD_HERE

    

    See Cpanel Server, Apache

  • htpasswd

    Create a password file

    htpasswd -c /path/to/passwd/file admin

    To change the password for an existing user

    htpasswd /path/to/passwd/file  USER_HERE

    You can use -b option to specify the password as a command line option, this is useful for adding or updating users non-interactively.

    htpasswd -b -c /path/to/passwd/file USER_HERE PASSWORD_HERE

    To limit access, add the following to the Apache virtual host entry.

    <Directory "/var/www/html">
    AuthType Basic
    AuthName "Restricted Content"
    AuthUserFile /path/to/passwd/file
    Require valid-user
</Direcory>
    




    Apache