[mythtv-users] Securing Mythweb
Brad DerManouelian
myth at dermanouelian.com
Fri Mar 28 19:22:16 UTC 2008
Harry Devine wrote:
> So, basically, what I'm looking for is how do I use the htdigest utility
> to secure Mythweb? And what do I need to do in mythweb.conf for this?
> Is .htaccess still involved somehow? Currently, I can get in locally,
> but from outside my network, my /var/log/httpd/error_log shows (and I
> KNOW I typed the password in correctly. and I'm not showing what the
> username is for security reasons ;-) ):
> [Fri Mar 28 15:02:21 2008] [error] [client 155.178.180.5] user
> <user_hidden_for_security>: authentication failure for "/mythweb":
> Password Mismatch
Get rid of your .htaccess files.
Edit /etc/httpd/conf.d/mythweb.conf like this:
Uncomment the htdigest section:
AuthType Digest
AuthName "MythTV"
AuthUserFile /var/www/htdigest
Require valid-user
BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On
Order allow,deny
Satisfy any
Then use htdigest (need to be root to do this or sudo the command) to
create your digest file:
htdigest -c /var/www/htdigest MythTV username
Then it will ask for your password.
Restart apache and it should work.
More information about the mythtv-users
mailing list