Sign up here and you can log into the forum!

Web Hosting and PHP without password?

Feature requests / enhancements discussion regarding the web interface

Web Hosting and PHP without password?   

Postby panosil » Fri Mar 30, 2012 5:33 am

Hi to all!
After too much reading (started with http://forum.wdlxtv.com/viewtopic.php?f=16&t=5526&start=0&hilit=web+hosting) and testing,
I managed to setup my personal web site with WDTV Live.
Everything works OK! My index.html loads OK. I even managed to have "private" users, with "private" web sites, passwords etc...
Everything OK until I started to play with PHP!
When I replaced the main "free to web" index.html file with an index.php, WDTV askes for user and password!
If I give the "wdlxtv" one, the site loads and the php code executes... but... I don't want to have a user/password!
How I can load and execute php code without authentication?
I can do that by make my WDTV web interface free to everyone, but... this is NOT a good idea...
Can you help me please?
panosil
n00b
 
Posts: 3
Joined: Sat Feb 25, 2012 3:50 pm

Re: Web Hosting and PHP without password?   

Postby mad_ady » Fri Mar 30, 2012 8:36 am

I've seen this problem as well. It is because of one of the rewrite rules in sites-enabled.
You can either disable the rewrite rules (and your youtube/shoutcast proxies won't work any more), or you can add a section such as this to disable http auth for a subdirectory:
Code: Select all
<Location /umsp/>
      Satisfy Any
      Order allow,deny
          Allow from All
   </Location>
   
   <Location "/local-bin/php-cgi/umsp/">
      Allow from All
   </Location>



This disables authentication for anything under umsp/. Note however there is also a location /local-bin/php-cgi/$folder. This is how the rewrite engine matches your PHP files, so you will have to add such a location for your sites as well.
If you get stuck, enable debugging in the rewrite engine and have a look over its logs:
Code: Select all
RewriteEngine On
RewriteLog   /var/log/apache2/rewrite.log
RewriteLogLevel 9



Note, it's very "chatty" and will quickly fill up your ramdrive!
User avatar
mad_ady
Developer
 
Posts: 4522
Joined: Fri Nov 05, 2010 9:08 am
Location: Bucharest, Romania

Re: Web Hosting and PHP without password?   

Postby panosil » Fri Mar 30, 2012 11:30 am

My friend, thank you for the answer!
BUT... I am too nooby, so, some more infos... pleeeeeease!!!

This is my apache-default file, in /tmp/conf directory.

Code: Select all
<VirtualHost *:80>
   ServerAdmin webmaster@localhost

   DocumentRoot /var/www

   RewriteEngine Off
   RewriteLog   /var/log/apache2/rewrite.log
   RewriteLogLevel 0

   RewriteCond     %{HTTP_HOST}                            ^[^.]*\.youtube\.com$
   RewriteRule     ^/feeds/api/videos/(.*)/complaints   /var/www/proxy/youtube-proxy.php [L]
   RewriteRule     ^/feeds/api/videos/(.*)/ratings    /var/www/proxy/youtube-proxy.php [QSA,L]
   RewriteRule     ^/feeds/api/videos/(.*)/related    /var/www/proxy/youtube-proxy.php [QSA,L]
   RewriteRule     ^/feeds/api/videos/(.*)          /var/www/proxy/youtube-proxy.php?id=$1 [L]
   RewriteRule     ^/feeds/api/videos                 /var/www/proxy/youtube-proxy.php [QSA,L]
   RewriteRule     ^/feeds/api/standardfeeds/         /var/www/proxy/youtube-proxy.php [QSA,L]
   RewriteRule     ^/feeds/api/users/default/         /var/www/proxy/youtube-proxy.php [QSA,L]
   RewriteRule     ^/feeds/api/playlists/             /var/www/proxy/youtube-proxy.php [QSA,L]

   RewriteCond     %{HTTP_HOST}                            ^[^.]*\.?live365\.com$
   RewriteRule    ^/cgi-bin/api_login.cgi    /proxy/shoutcast.php?login=1 [QSA,L]
   RewriteRule    ^/cgi-bin/api_genres.cgi   /proxy/shoutcast.php [QSA,L]
   RewriteRule    ^/cgi-bin/directory.cgi      /proxy/shoutcast.php [QSA,L]
   RewriteRule    ^/play/(\d+)          /proxy/shoutcast.php?id=$1 [L]
   RewriteRule    ^/cover/(.+)          /proxy/shoutcast.php?cover=$1 [L]
   RewriteRule    ^/play/favorites_(\d+)       /proxy/shoutcast.php?id=$1&favorites=1 [L]
   RewriteRule    ^/pls/front          /proxy/shoutcast.php [QSA,L]
   RewriteRule    ^/cgi-bin/api_presets.cgi    /proxy/shoutcast.php [QSA,L]
    RewriteRule .* - [E=AUTHORIZATION:%{HTTP:Authorization}]


   <Directory />
      Options FollowSymLinks
      AllowOverride None
   </Directory>

   <Location />
      Options Indexes FollowSymLinks MultiViews

      AuthType Digest
      AuthName "WDLXTV-Webend"
      AuthDigestDomain /

      AuthDigestProvider file
      AuthUserFile /conf/htpasswd
      #Require valid-user
      Require user wdlxtv      

      Order allow,deny
      Allow from 127.0.0.1 http://www.live365.com live365.com gdata.youtube.com localhost
      Satisfy Any
   </Location>

   <Location /umsp>
      Order allow,deny
      Allow from All
      Satisfy Any
   </Location>

   <Location /local-bin/php-cgi/umsp>
      Allow from All
   </Location>

   <Location /tmp/private/panosil>
      Require user panosil
   </Location>

   <Location /tmp/www>
      Allow From All
      Satisfy Any
   </Location>

   ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/

   <Directory "/usr/lib/cgi-bin">
      AllowOverride None
      Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
      Order allow,deny
      Allow from all
   </Directory>

   ErrorLog /var/log/apache2/error.log

   # Possible values include: debug, info, notice, warn, error, crit,
   # alert, emerg.
   LogLevel warn

   CustomLog /var/log/apache2/access.log combined

#   LoadModule scgi_module /usr/lib/apache2/modules/mod_scgi.so
   SCGIMount /RPC2 127.0.0.1:5000
</VirtualHost>


As you can see, I changed the "RewriteEngine" to Off and added the "umsp" and "/local-bin/php-cgi/umsp" locations that you said.
Saved the file and restarted the apache2 server with "/etc/init.d/S66apache2 restart".
Trying to get the "www" site ("<Location /tmp/www>" - the free one) and the server still asking for user/password!
Did I do something wrong?
panosil
n00b
 
Posts: 3
Joined: Sat Feb 25, 2012 3:50 pm

Re: Web Hosting and PHP without password?   

Postby mad_ady » Sat Mar 31, 2012 4:25 am

The umsp example I gave you was the one I used in my case. I wanted to disable authentication for the umsp folder. You will need to change that for whatever folders you use.

I've never tried it with rewrite engine off - I don't know if it would work or not. Try to set the RewrtieLogLevel to 9 and use
Code: Select all
tail -f /var/log/apache2/rewrite.log

to monitor the rewrite.log file. Then, restart apache and try to access the resourse you want to access. As far as I remember, this is the rule that is triggered for php files:
Code: Select all
RewriteRule .* - [E=AUTHORIZATION:%{HTTP:Authorization}]

The thing is - the rewrite.log file will give you the paths you need to set in your configuration file.
Change those paths in the umsp block I gave you (keeping your folder names), restart apache and try again.

One more thing - if you want to use /tmp/www, this is your DocumentRoot as well. So, you would need to make changes to Location / as well - more specifically, to disable authentication from there.
My example was if you wanted to leave that authentication in place, but disable it for some subfolders (something like /tmp/www/mysite or /tmp/www/umsp).
User avatar
mad_ady
Developer
 
Posts: 4522
Joined: Fri Nov 05, 2010 9:08 am
Location: Bucharest, Romania

Solved! Web Hosting and PHP without password   

Postby panosil » Sat Mar 31, 2012 5:19 pm

My friend, thank you very much!
Problem solved! Everything works OK now...
So, I am giving everyone the solution all together...

First I locked my WDTV only to the "wdlxtv" user/password, because I want only this user to see the main front-end and not every "valid-user"...

Code: Select all
   <Location />
      Options Indexes FollowSymLinks MultiViews
      AuthType Digest
      AuthName "WDLXTV-Webend"
      AuthDigestDomain /
      AuthDigestProvider file
      AuthUserFile /conf/htpasswd
      Order allow,deny
      #Require valid-user
      Require user wdlxtv
      Allow from 127.0.0.1 www.live365.com live365.com gdata.youtube.com localhost
      Satisfy Any
   </Location>


Then, for every entry I have from the internet, to a web page I offer, I setup two Locations; One under "/local-bin/php-cgi/tmp" and one under "/tmp".

So, the first page I offer, the free to everyone, is at Location "/tmp/free_site" (host directory is "/var/www/tmp/free_site").
To make it work, I setup the following:

Code: Select all
   <Location /local-bin/php-cgi/tmp/free_site>
      Order allow,deny
      Allow From All
      Satisfy Any
   </Location>

   <Location /tmp/free_site>
      Order allow,deny
      Allow From All
      Satisfy Any
   </Location>


The second one, is a "private" web page, that requests the user "panosil" to login, at Location "/tmp/private/panosil" (host directory is "/var/www/tmp/private/panosil").
To make this one work, I setup the following:

Code: Select all
   <Location /local-bin/php-cgi/tmp/private/panosil>
      AuthType Digest
      AuthName "WDLXTV-Webend"
      AuthDigestDomain /
      AuthDigestProvider file
      AuthUserFile /conf/htpasswd
      Order allow,deny
      Require user panosil
      Satisfy Any
   </Location>

   <Location /tmp/private/panosil>
      AuthType Digest
      AuthName "WDLXTV-Webend"
      AuthDigestDomain /
      AuthDigestProvider file
      AuthUserFile /conf/htpasswd
      Order allow,deny
      Require user panosil
      Satisfy Any
   </Location>


To make everyone see my sites, I use a free dynamic DNS service like http://www.no-ip.com or http://freedns.afraid.org (or any other that you like).
Also, to have access to all of the "gates", I use the Web Forward feature they offer. So I use a namealias.anyfreedomain.ext to redirect to my ip-address and I setup two "web forwards".
The first with somenamealias.anyfreedomain.ext to forward to http:// namealias.anyfreedomain.ext /tmp/free_site and the second with othernamealias.anyfreedomain.ext to forward to http:// namealias.anyfreedomain.ext /tmp/private.

Now I have three different entries from the internet:
1) Visitors give http:// somenamealias.anyfreedomain.ext to enter my free site
2) Private user "panosil" gives http:// othernamealias.anyfreedomain.ext /panosil to enter his private site (by using his password)
3) I give http:// namealias.anyfreedomain.ext to enter my WDTV front-end (by using the "wdlxtv" password)
and of course... the main page can be "index.html" or "index.php".
panosil
n00b
 
Posts: 3
Joined: Sat Feb 25, 2012 3:50 pm


Return to Webend Web Interface

Who is online

Users browsing this forum: No registered users and 1 guest