...
Shared - Public Share Folder
Code Block |
---|
|
cd /home/www.krypton.com
sudo mkdir shared # Browseable folder to drop content to share with others
sudo mkdir shared.private # Browser password protected folder to drop content to share with others via .htaccess
sudo mkdir keys # Place to store keys for protected folder
cd /home
sudo chown -R serveradmin:wgkryptonian ./www.krypton.com/shared/
sudo chmod -R 775 www.krypton.com/shared/ # Only svradm and users in the kryptonian group can manage. Apache(other's) still need to be able to read and browse. |
Add to the website host file,
Code Block |
---|
|
Alias /shared/ "/home/www.krypton.com/shared"
Alias /shared "/home/www.krypton.com/shared"
<Directory /home/www.krypton.com/shared>
/# Make this folder browseable
Options +Indexes
</Directory> |
The final host file will look like this,
Code Block |
---|
|
<VirtualHost *:80>
ServerAdmin webmaster@localhost
ServerName www.krypton.com
ServerAlias www.krypton.com
DocumentRoot /home/www.krypton.com/www
# This restrictive a precedence for ALL directory blocks.
<Directory />
Options FollowSymLinks
# This prevents use of .htaccess
AllowOverride None
</Directory>
# Main location of static content for the websites.
<Directory /home/www.krypton.com/www/>
Options +MultiViews
Order Allow,Deny
Allow from all
</Directory>
Alias /shared/ "/home/www.krypton.com/shared"
Alias /shared "/home/www.krypton.com/shared"
<Directory /home/www.krypton.com/shared>
# Make this folder browseable
Options +Indexes
</Directory>
ErrorLog /var/log/apache2/www.krypton.com.error.log
# Possible values include: debug, info, notice, warn, error, crit, alert, emerg.
LogLevel warn
CustomLog /var/log/apache2/www.krypton.com.access.log combined
</VirtualHost> |
Reload the Apache configuration file,
Code Block |
---|
|
sudo /etc/init.d/apache2 reload |
...
kalel logs in as himself he would do the following one time setup,
Code Block |
---|
|
cd /home/www.krypton.com/shared.private
mkdir kalel
chmod 750 kalel
cd /home/www.krypton.com/shared.private
mkdir keys
cd keys
# Create the initial password file with the first user being kalel
htpasswd -c ./kalel-www.krypton.com.shared.private kalel
New password:
Re-type new password:
# Create addition accounts. Notice NO "-c"
htpasswd .htpasswd cclark |
...
To make his folder more private, kalel makes a request to serveradmin (who has sudo privileges) to make the following changes,
Code Block |
---|
|
# assuming the user is serveradmin or any other account with sudo privileges
sudo chmod -R 750 /home/www.krypton.com/shared.private/kalel/
sudo chown -R kalel:www-data /home/www.krypton.com/shared.private/kalel/ |
...
Update the virtual host as follows,
Code Block |
---|
|
Alias /shared/ "/home/www.krypton.com/shared"
Alias /shared "/home/www.krypton.com/shared"
<Directory /home/www.krypton.com/shared>
# Make this folder browseable
Options +Indexes
</Directory>
Alias /shared.private/ "/home/www.krypton.com/shared.private"
Alias /shared.private "/home/www.krypton.com/shared.private"
<Directory /home/www.krypton.com/shared.private>
# Allow website admin to use .htaccess - http://httpd.apache.org/docs/2.2/mod/core.html,
# AuthConfig - Authentication
# Indexes - Makes directory browseable
# As soon as I introduce Indexes it breaks with error, ".htaccess: Options not allowed here".
#AllowOverride AuthConfig Indexes
# This works but allowing all is a security risk
# AllowOverride All
# Start TEMP solution
# Allow the .htaccess file to allow authentication.
AllowOverride AuthConfig
# For some reason allowing override of indexes does not work in .htaccess so set it manually here.
Options +Indexes
# End TEMP solution
</Directory>
ErrorLog /var/log/apache2/www.krypton.com.error.log |
...