If you can see this check that

next section prev section up prev page next page

Using Apache

Basic Authentication

Basic Authentication

.htaccess

Building a Password File

.htaccess

AuthType Basic
AuthName "Restricted Files"
AuthUserFile /home/gordon/password
Require user andrew

The password file

Any valid user

Require user andrew

Groups

Basic Auth Problems

Control by IP

Example

Order is important

order allow,deny
allow from all
deny from 10.0.0.1

Domain Names

Development site

Log Analysis

Logs

Where are the logs

Logging in /var/log/http access file

Analysing the log

Webaliser Summary

Analysis

Per day activity - October

Hour analysis - October

Users

Referrer Info

What search terms?

Where from?

Google Analytics

db.grussell.org

Logging Summary

Apache Security

Security

Simple CGI: who.cgi

#!/bin/sh
echo 'Content-Type: text/html; charset=ISO-8859-1'
echo
echo '<body><pre>'
whoami
env
echo '</pre></body>'

http://servername/who.cgi

apache SERVER_SIGNATURE=Apache/2.0.51 (Fedora) Server at servername Port 80 
UNIQUE_ID=umn4CZKwogYAADNFYkcAAAAI HTTP_KEEP_ALIVE=300 
HTTP_USER_AGENT=Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1 
SERVER_PORT=80 
HTTP_HOST=servername DOCUMENT_ROOT=/home/gordon/public_html HTTP_ACCEPT_CHARSET=ISO-8859-1,utf-8;q=0.7,*;q=0.7 SCRIPT_FILENAME=/home/gordon/public_html/who.cgi REQUEST_URI=/who.cgi 
SCRIPT_NAME=/who.cgi 
SCRIPT_URI=http://servername/who.cgi 
HTTP_CONNECTION=keep-alive 
REMOTE_PORT=1234 PATH=/sbin:/usr/sbin:/bin:/usr/bin:/usr/X11R6/bin
SCRIPT_URL=/who.cgi 
PWD=/home/gordon/public_html SERVER_ADMIN=me@grussell.org HTTP_ACCEPT_LANGUAGE=en-gb,en;q=0.5 HTTP_ACCEPT=text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 
REMOTE_ADDR=50.50.50.1
SHLVL=1 
SERVER_NAME=servername SERVER_SOFTWARE=Apache/2.0.51 (Fedora)
QUERY_STRING= SERVER_ADDR=146.176.162.6 GATEWAY_INTERFACE=CGI/1.1 SERVER_PROTOCOL=HTTP/1.1 HTTP_ACCEPT_ENCODING=gzip,deflate REQUEST_METHOD=GET _=/bin/env 

Issues

Ideas

Discussion

Discussion

Discussion

Question 1

Question 2

Question 3


Linux tutorials: intro1 intro2 wildcard permission pipe vi essential admin net fwall DNS diag Apache1 Apache2
Caine 6.0: Essentials | Basic | Search | SysIntro | 5a | 5b | 5c | 6 | 7a | 7b | 8a | 8b | WebBrowserA | WebBrowserB | Registry | Browser
Digital Investigation: Editing | Email | Logs | Strength
Kali: 1a | 1b | 1c | 2 | 3 | 4a | 4b | 5 | 6 | 7a | 8a | 8b | 9 | 10 |
Useful: Quiz | Forums | Privacy Policy | Terms and Conditions
Site Links:XMLZoo ActiveSQL ProgZoo SQLZoo

Copyright @ 2004-2017 Gordon Russell. All rights reserved.