RHEL7: Configure Apache access restrictions on directories.

Share this link

Note: This is an RHCE 7 exam objective. It has been renamed in June 2016 from “Configure private directories” to “Configure access restrictions on directories” without any particular changes.

Prerequisites

First, follow the instructions to install an Apache web server.

Then, create a private directory (called here private):

# cd /var/www/html 
# mkdir private
# echo "This is a test." > private/index.html
# restorecon -R .

There are several ways to restrict access to this directory:

1) host-based private directories

To only allow the test.example.com host (add the name/IP address in the /etc/hosts file if necessary) to access a specific directory (here private), edit the /etc/httpd/conf/httpd.conf file and paste the following lines at the end:

<Directory "/var/www/html/private">
AllowOverride None
Options None
Require host test.example.com
</Directory>

Check the configuration file:

# apachectl configtest
Syntax OK

2) user-based private directories

To only allow me to access a specific directory (here private), edit the /etc/httpd/conf/httpd.conf file and paste the following lines at the end:

<Directory "/var/www/html/private">
AuthType Basic
AuthName "Password protected area"
AuthUserFile /etc/httpd/conf/passwd
Require user me
</Directory>

Check the configuration file:

# apachectl configtest
Syntax OK

Create the passwd file and store me‘s password:

# htpasswd -c /etc/httpd/conf/passwd me
New password: your password
Re-type new password: your password
Adding password for user me
# chmod 600 /etc/httpd/conf/passwd
# chown apache:apache /etc/httpd/conf/passwd

Note: The .htpasswd file can be used locally instead of the httpd.conf file in 1) and 2) for the same purpose.

Whatever the option chosen, restart the httpd service:

# systemctl restart httpd

Configuration Check

Check the httpd service:

# yum install -y elinks
# elinks http://localhost/private
1 Star2 Stars3 Stars4 Stars5 Stars (3 votes, average: 3.67 out of 5)
Loading...

Leave a Reply

4 Comments on "RHEL7: Configure Apache access restrictions on directories."

Notify of
Sort by:   newest | oldest
abu3lia
Member
abu3lia

Hi,
I’ve tried the command [# htpasswd -c passwd user01] but this didn’t create the [passwd] file until I entered the full path for the destination location.

Regards.

nariman1064
Member
nariman1064
If during the exam or real life, you have to create the webserver directory under any location other than /var/www/, It will certainly take more time to reconfigure everything: If you look at “/etc/httpd/conf/httpd.conf” you will notice there are several lines in that file that point to “/var/www/” to set or call different things. If in an actual work case, you have to point to a different directory, then there are no issues with taking your time and changing all the paths in httpd.conf to the new location. However, during the exam you have little time to play with these… Read more »
wpDiscuz

RHCSA7: Task of the day

Allowed time: 8 minutes.
Find all files bigger than 100MB and write their names into the /root/results.txt file.

RHCE7: Task of the day

Allowed time: 3 minutes.
Configure your machine to be a router.

Poll for favorite RHEL 7 book

What is your favorite RHEL 7 book to prepare RHCSA & RHCE exams?

View Results

Loading ... Loading ...

Poll for most difficult RHCSA 7 topic

What do you think is the most difficult RHCSA 7 topic?

View Results

Loading ... Loading ...

Poll for most difficult RHCE 7 topic

What do you think is the most difficult RHCE 7 topic?

View Results

Loading ... Loading ...

Recent Comments