I have an .htaccess like this :
AuthName "Site protégé"
AuthType Basic
AuthUserFile /var/www/maquette_re/.htpasswd
Require valid-user
and an .htpasswd like this :
login:mdp
When y go on my site, i have this apache error in /var/log/apache2/error.log:
user login: authentication failure for "/": Password Mismatch
I don't understand my mistake.
Can you help me ?
Related
I have a very simple situation but I can't figure out how regex works...
I have an application generating a log only when a login problem occurs. So there is no line in log except in case of wrong login or in case of attempt to reset a password too many times. So potentially, I don't even need to search a particular string in log, any entry matches. Here is a log example :
2019-10-20 18:44:35 127.0.0.1 login.php : Authentication error - account not initialized : client XXXX, login YYYY
2019-10-20 21:31:17 127.0.0.1 login.php : Authentication error - password error : client XXXX, login XXXX
2019-10-20 21:29:39 127.0.0.1 login.php : Authentication error - client contains wrong chars : client XXXX, login YYYY
2019-10-21 06:25:25 127.0.0.1 login.php : Authentication error - account locked : client XXXX, login YYYY
2019-10-21 06:48:11 127.0.0.1 user.php : Authentication - Unlocking : client XXXX, login YYYYY
I have a problem with regular expression cause I can't understand how it works (for years). All I tried give me errors when I start fail2ban : Unable to compile regular expression, No failure-id group in 'Authentication error', ... Damned, it looks so easy !
Finally...
[INCLUDES]
before = common.conf
[Definition]
failregex = <HOST> .* Authentication
Please note this works but I found without understand anything. If someone has a link where how fail2ban works is explained. I found many but none of them have clear explanations.
The main trick is the fact that error.log files look different from tutorials and you need to rewrite failregex manually. Another trick is that <HOST> is a predefined regexp that tries to match an ip but it could match something like datetime instead
In such case like
[Tue Nov 08 03:03:03.349852] bla-bla [client 1.2.3.4:5] bla-bla xxx bla-bla
In case you're banning when xxx appear
[Definition]
failregex = client <HOST>(.*)xxx
Sadly quick google search upon fail2ban and tutorials indeed explain little. I also wanted to ban by simple string match.
I have an environment with Oracle WebLogic and OHS running.
In the mod_wl_ohs.conf I have following (beside config for other applications)
<Location /application1>
SetHandler weblogic-handler
WLLogFile /opt/logs/ application1.log
Debug OFF
WebLogicHost 127.0.0.1
WebLogicPort 23666
</Location>
This works fine the and the server listening to 23666 with the actual application1 application is handling the requests like “http://example.com/application1/*” .
Now I would like to redirect all requests for specific URL pattern to a different domain (not necessary on the same server), but continuing handling all requests others.
Redirect: http://example.com/application1/MagicKeyword/*
continue on: http://example.com/application1/NotTheKeyword* or http://example.com/application1/AlsoNotKeyword/*
What is the right approach for that?
I played around with some mod_rewrite rules, it seems they don’t take affect or break everything (in httpd.conf). I was also reading that we should not use mod_rewrite rules inside of location tag (can't find the reference now).
What else can I do?
Edit: So finally I found my error (somehow wrong syntax which not prevented the server from starting (like usual).
So I could:
in httpd.conf
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule "(.*)/application1/MagicKeyword/(.*)$" "https://www.example.org" [NC,L,R=301]
</IfModule>
or in the Location tag add:
RewriteEngine On
RewriteRule "(.*)/MagicKeyword/(.*)$" "https://www.example.org" [NC,L,R=301]
Why should I prefer one over the other?
Is there anything to concern about?
Two other options you can consider. You can use the order of location tags:
<Location /application1/MagicKeyword>
WebLogicHost otherhost
</Location>
<Location /application1>
WebLogicHost 127.0.0.1
</Location>
You can tell WebLogic to exclude a path (see https://docs.oracle.com/middleware/1212/webtier/PLGWL/plugin_params.htm#PLGWL473):
<Location /application1>
WebLogicHost 127.0.0.1
WLExcludePathOrMimeType /application1/MagicKeyword
</Location>
<Location /application1>
WebLogicHost otherhost
</Location>
I am trying to set up and run an old Web application(written in 2010) in a new Linux environment. The Apache server is not starting because of the error Unknown Authz provider access, caused by the configuration given below.
<Directory /srv/webapp>
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
SetOutputFilter DEFLATE
ExpiresActive On
ExpiresDefault "3 Months"
AuthType security::AuthCookieHandler
AuthName Maxio
PerlAuthenHandler security::AuthCookieHandler->authenticate
PerlAuthzHandler security::AuthCookieHandler->authorize
require access
</Directory>
I couldn't find any documentation for this, or any apache module that defines access , but security::AuthCookieHandler has
sub access
{
...
...
}
I understand that this is mod_perl based authentication, but haven't worked on this before. Apache starts if this authentication is disabled, and the application loads in the browser.
So the questions are
Is require access supposed to get the return value from sub access ?
If so, why sub access is not visible to the configuration ?
If not so, what is access here ?
After researching for a few hours I found out that this is because of changes in the latest versions of Apache and mod_perl.
From the Apache-AuthCookie documentation and Apache 2.4 porting notes, I learned that Apache 2.4 needs mod_perl version 2.0.9 or higher.
Also, a custom Authz Provider has to be added using PerlAddAuthzProvider. I was able to solve my issue by doing
PerlAddAuthzProvider access security::AuthCookieHandler->access
...
...
<Directory /srv/webapp>
...
...
require access
</Directory>
I have downloaded typo3-neos using php c:/xampp/Composer/bin/composer.phar create-project --dev --stability alpha typo3/neos-base-distribution TYPO3-Neos-1.0-alpha
my httpd.conf is :
<VirtualHost *:80>
ServerName neos.demo
DocumentRoot c:/xampp/htdocs/Typo3-Neos/Web/
SetEnv APPLICATION_ENV "development"
<Directory c:/xampp/htdocs/Typo3-Neos/Web/>
DirectoryIndex index.php
AllowOverride FileInfo Options=MultiViews
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
and vhost is: 127.0.0.1 neos.demo
I am geting the follwing 500 Internal Server Error (a snippet)
1355480641: Execution of subprocess failed with exit code 1 without any further output.
(Please check your PHP error log for possible Fatal errors)
More information
TYPO3\Flow\Core\Booting\Exception\SubProcessException thrown in file
C:\xampp\htdocs\TYPO3-Neos\Packages\Framework\TYPO3.Flow\Classes\TYPO3\Flow\Core\Booting\Scripts.php in line 532.
Reference code: 201310091327354b04b0
I have divided screenshot of the complete error page into three parts (error1.png, error2.png, error3.png) as the error stack is quite long, which is attached here
How can this be solved
After setting your System up, start NEOS with http://neos.demo/setup first.
I was having the same issue on my Mac machine after a successful installation. The point was that my php installation was not linked correct to the php binary, although it was set correctly in /user/bin/php and "active"
So make sure /opt/local/etc/select/php/current points to a valid php installation using the command "sudo port select php php54" (for php 5.4)
I solved this error with setup this lines in neos\Packages\Framework\TYPO3.Flow\Configuration\Settings.yaml
TYPO3:
Flow:
core:
phpBinaryPathAndFilename: 'C:/path/to/php.exe'
TYPO3:
Flow:
core:
subRequestPhpIniPathAndFilename: '/path/to/your/php.ini'
This error occur because typo3flow may be not find php and php.ini files in server.
for more help follow this link: http://wiki.typo3.org/Exception/Flow/1355480641
I would like to protect a web folder via .htpasswd.
However, as the .htaccess file is under version control, I would prefer to not mess with it.
Instead, I would like to have the configuration in
/etc/apache2/sites-enabled/mysite
/etc/apache2/.htpasswd
Any idea what I need to put in the "mysite" apache configuration file?
So far it is sth like this,
<VirtualHost (ip address):80>
ServerName my.domain
DocumentRoot /var/sites/sitename
ServerAdmin ...
</VirtualHost>
Heureka, I figured it out myself.. or what I think to be the solution.
<VirtualHost (ip address):80>
ServerName my.domain
DocumentRoot /var/sites/sitename/
ServerAdmin ...
<Directory /var/sites/sitename/>
AuthUserFile /etc/apache2/.htpasswd
AuthGroupFile /dev/null
AuthName "What is the pw"
AuthType Basic
require user (username)
</Directory>
</VirtualHost>
The .htpasswd can be created in the usual way via commandline,
# htpasswd /etc/apache2/.htpasswd (username)
EDIT: anthony in the comment below strongly recommends you use https/SSL, to prevent the password from being sent unencrypted.