Awstats password protection - Printable Version +- ispCP - Board - Support (http://www.isp-control.net/forum) +-- Forum: ispCP Omega Development Area (/forum-1.html) +--- Forum: Suggestions (/forum-2.html) +--- Thread: Awstats password protection (/thread-1562.html) |
RE: Awstats password protection - NoFutureKid - 01-23-2008 08:38 PM I don't get it to compile. I think it's only up to Apache 2.0, but i'm not sure. @BeNe: Perhaps you can tell me more about your dirty hack RE: Awstats password protection - BeNe - 01-24-2008 12:12 AM Yes, of course. i modified my /etc/apache2/sites-enabled/01_awstats.conf like this Code: # Greez BeNe RE: Awstats password protection - BioALIEN - 01-24-2008 12:27 AM BeNe, I think your dirty hack deserves a place in the DocuWiki with a nice step by step so we can all copy From the code above, I see you've added users, but no mention of how to do the password side of things for these users. RE: Awstats password protection - NoFutureKid - 01-24-2008 06:07 AM Ahh, sorry. I thought you have a hack for auth against mysql The way you did i already know. RE: Awstats password protection - BeNe - 01-24-2008 06:10 AM Quote:BeNe, I think your dirty hack deserves a place in the DocuWiki with a nice step by step so we can all copyWell, this is only a dirty workaround - but why not. Quote:Ahh, sorry. I thought you have a hack for auth against mysqlNo! I search also for a solution with mysql which we can use later out of the box. Greez BeNe RE: Awstats password protection - Cube - 02-19-2008 10:22 AM I once again thought about realising the password protection and would like to hear your opinion about yet another possible solution. We should start using our own AWStats like we do with the other tools too. We would have a more up-to-date version which generates better stats. New versions there are very rarely and there are not much security updates like in PMA, so there should not be much more work with that. We put AWStats into the tools-directory (some files perhaps somewhere else) and protected it with a htaccess-file (require valid-user). We also modify the config-template, so that AllowAccessFromWebToAuthenticatedUsersOnly and AllowAccessFromWebToFollowingAuthenticatedUsers are set correctly. Until now there is not much work. Now we have to modify ispcp-dmn-mngr so that the login-data of a new user will be written into a htpasswd-file. Accordingly they should be deleted if you delete the user and modified if you change the password. Probably for this big parts from ispcp-htuser-mngr can be used. In a further step we could extend the GUI, so that the users can set a separate password for AWStats. Unfortunately I don't understand enough Perl to realise this. Another interesting possibility was the script from Jan, but regrettably the thread is broken and he did not respond to my mail to post it again. RE: Awstats password protection - Kwik - 02-22-2008 07:03 PM Just want to mention that a password protection is a MUST HAVE, please, please. I will use BeNes workaround meanwhile. ^^ RE: Awstats password protection - schultzconsult - 04-14-2008 11:48 PM Kwik Wrote:Just want to mention that a password protection is a MUST HAVE, please, please. I will use BeNes workaround meanwhile. ^^ What about using a combination of perl and htaccess? If someone may enhance this script, it might be a solution. http://perl.apache.org/docs/1.0/guide/security.html#Authentication_code_snippets inserted into a .htaccess file Code: PerlModule My::Auth Code: sub access_handler { RE: Awstats password protection - BeNe - 04-16-2008 05:25 PM If this works - why not ? We should try it Greez BeNe RE: Awstats password protection - ephigenie - 04-16-2008 08:04 PM yeah but this only works with enabled mod_perl ... and mod_perl with mpm-worker is currently not supported... Although there're approaches / patches to make it run ... but this should be considered unstable. |