Current time: 12-23-2024, 06:25 AM Hello There, Guest! (LoginRegister)


Post Reply 
[HowTo]My solution to password protect AWStats
Author Message
Blondak Offline
Junior Member
*****
Dev Team

Posts: 84
Joined: May 2008
Reputation: 5
Post: #1
[HowTo]My solution to password protect AWStats
Requirements
Setup database
because pam_mysql in current version does not support MD5 you must edit table admin
Code:
ALTER TABLE admin ADD apache_pass VARCHAR(41);
or you can create own table, but than you must update pam config file to match this table.Then set passwords using mysql PASSWORD function (can we change MD5 password to PASSWORD encrypted ones?). I suggest create user as above.
Code:
GRANT SELECT ON ispcp.admin TO XXX@"localhost" IDENTIFIED BY "YYY";FLUSH PRIVILEGES;
this will create user that can only read ispcp.admin

Configure PAM
create config file for pam, if have mod_auth_pam with path for setting service name create file /etc/pam.d/apache-awstats otherwise /etc/pam.d/apache2
Code:
auth    required pam_mysql.so user=XXX passwd=YYY host=localhost db=ispcp table=admin usercolumn=admin_name passwdcolumn=apache_pass crypt=mysql
account required pam_mysql.so user=XXX passwd=YYY host=localhost db=ispcp table=admin usercolumn=admin_name passwdcolumn=apache_pass crypt=mysql
change permissions
Code:
chmod 640 /etc/pam.d/apache-awstats
chown root.www-data /etc/pam.d/apache-awstats

Update /etc/apache2/sites-available/01_awstats.conf
update /etc/apache2/sites-available/01_awstats.conf
Code:
<Directory /usr/lib/cgi-bin>
#add this : begin
        AuthPAM_Enabled on
        AuthPAM_FallThrough off
#next line only with service-name patch
    AuthPAM_ServiceName apache-awstats
        AuthType Basic
        AuthName "AWStats"
        AuthUserFile /dev/null
        AuthBasicAuthoritative Off
        Require valid-user
#add this : end

    AllowOverride none
        Options +ExecCGI
        DirectoryIndex awstats.pl
        Order allow,deny
        Allow from all
    </Directory>

Update AWStats config
next you must update awstats config files
Code:
AllowAccessFromWebToAuthenticatedUsersOnly=1
AllowAccessFromWebToFollowingAuthenticatedUsers="__USERNAMES_WITH_ACCESS__" #(probably domain name)

Done
restart apache and passwords should work Wink

My tips for awstats
i have create file /etc/awstats/support/awstats.common.conf with common configuration for all domain
i update /etc/ispcp/awstats/awstats.ispcp_tpl.conf to following
Code:
Include "/etc/awstats/support/awstats.common.conf"

LogFile="{APACHE_LOG_DIR}/{DOMAIN_NAME}-combined.log"
SiteDomain="{DOMAIN_NAME}"
HostAliases="www.{DOMAIN_NAME} REGEX[^.*\.{DOMAIN_NAME}$]"

AllowAccessFromWebToAuthenticatedUsersOnly=1
AllowAccessFromWebToFollowingAuthenticatedUsers="{DOMAIN_NAME} admin"
reason of this is, when i want etc. add new module I can do it in one file and i don't need to change each file.

I hope that I don't forgot something.

With Regards Blonďák
05-23-2008 06:49 PM
Visit this user's website Find all posts by this user Quote this message in a reply
Post Reply 


Forum Jump:


User(s) browsing this thread: 1 Guest(s)