Hello,
I'm trying to set up a web server with passwords. I would like to use both the htacess and python3.
Is Apache2 able to get/give who is using the page in real time? (and where dose it live?)
htaccess seems very powerful, how do I set up passwords for each page with integration to webpages.
-
klintkrossa
- Posts: 81
- Joined: Tue Nov 10, 2015 3:06 pm
Apache2 Help
Thanks
This is not like any other bulletin boards that I have been on. Been flamed on other BB's so bad I was afraid to ask.
All my Raspberry Pi's are like the Hessian artilleryman of Sleepy Hollow.
This is not like any other bulletin boards that I have been on. Been flamed on other BB's so bad I was afraid to ask.
All my Raspberry Pi's are like the Hessian artilleryman of Sleepy Hollow.
-
DougieLawson
- Posts: 39126
- Joined: Sun Jun 16, 2013 11:19 pm
- Location: A small cave in deepest darkest Basingstoke, UK
- Contact: Website Twitter
Re: Apache2 Help
You get a whole lot of environment details when you access any web page.
But none of that is secure. Also HTTP basic authentication is not secure, the password is bas64 encoded with no encryption. .htaccess is not secure in it's basic form.
You'll need to switch to using digest authentication or you need to completely redesign your application to use Ouath2.
Code: Select all
CONTEXT_DOCUMENT_ROOT = /usr/lib/cgi-bin/
CONTEXT_PREFIX = /cgi-bin/
DOCUMENT_ROOT = /srv/www/homelinux/darkside-logic/
GATEWAY_INTERFACE = CGI/1.1
HTTP_ACCEPT = text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
HTTP_ACCEPT_ENCODING = gzip, deflate, sdch
HTTP_ACCEPT_LANGUAGE = en
HTTP_CONNECTION = keep-alive
HTTP_DNT = 1
HTTP_HOST = 192.168.1.11
HTTP_UPGRADE_INSECURE_REQUESTS = 1
HTTP_USER_AGENT = Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.143 Safari/537.36
PATH = /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
QUERY_STRING =
REMOTE_ADDR = 192.168.1.67
REMOTE_PORT = 55426
REQUEST_METHOD = GET
REQUEST_SCHEME = http
REQUEST_URI = /cgi-bin/test.pl
SCRIPT_FILENAME = /usr/lib/cgi-bin/test.pl
SCRIPT_NAME = /cgi-bin/test.pl
SERVER_ADDR = 192.168.1.11
SERVER_ADMIN = webmaster@localhost
SERVER_NAME = 192.168.1.11
SERVER_PORT = 80
SERVER_PROTOCOL = HTTP/1.1
SERVER_SIGNATURE =
SERVER_SOFTWARE = Apache
UNIQUE_ID = WAjuCH8AAQEAAEoZ3ToAAAABYou'll need to switch to using digest authentication or you need to completely redesign your application to use Ouath2.
Note: Any requirement to use a crystal ball or mind reading will result in me ignoring your question.
Criticising any questions is banned on this forum.
Any DMs sent on Twitter will be answered next month.
All non-medical doctors are on my foes list.
Criticising any questions is banned on this forum.
Any DMs sent on Twitter will be answered next month.
All non-medical doctors are on my foes list.
-
klintkrossa
- Posts: 81
- Joined: Tue Nov 10, 2015 3:06 pm
Re: Apache2 Help
Looking up using digest authentication go it to pass secure information along.
Why I wanted to use Python3 was it is the only scripting that I know some thing about. The cgi was going to redirect the client to a folder that was the same as his/her username. Digest authentication, will it pass the clients username along to python?
Thanks DougieLawson. I have taped you're knowledge twice now.
Why I wanted to use Python3 was it is the only scripting that I know some thing about. The cgi was going to redirect the client to a folder that was the same as his/her username. Digest authentication, will it pass the clients username along to python?
Thanks DougieLawson. I have taped you're knowledge twice now.
Thanks
This is not like any other bulletin boards that I have been on. Been flamed on other BB's so bad I was afraid to ask.
All my Raspberry Pi's are like the Hessian artilleryman of Sleepy Hollow.
This is not like any other bulletin boards that I have been on. Been flamed on other BB's so bad I was afraid to ask.
All my Raspberry Pi's are like the Hessian artilleryman of Sleepy Hollow.