Tuesday, 15 January 2013

Add password protection to the FreePBX splash page /var/www/html

Unfortunately this sort of defeats the purpose of using the 'Admin' module in FreePBX as it adds an additional log in step beforehand.  If you use the same username/password you don't need to log into the admin section again.  This is probably the best solution until the FreePBX team adds this security to their Admin module.
htpasswd /usr/local/apache/passwd/wwwpasswd NewUserName Apache will prompt you for a new password for the user name you've just indicated 
New password: Apache will prompt you to retype your new password Re-type new password: Apache will then confirm the new user Adding password for user NewUserName
Now you have to add the user name you've just created to the "httpd.conf" file. To
edit that file in "nano" type: 
nano /etc/httpd/conf/httpd.conf 
Now do a CTRL-W to search for "AuthUser" and you'll find the area where all the users are listed (for example: "maint", your AMP user).  If you don't find any try around line 587 right after the cgi-bin "<Directory....."  entry.
Now add the following lines: #Password protect the FreePBX Splash Page /var/www/html 
<Directory /var/www/html> 
AuthType Basic 
AuthName "Restricted Area" 
AuthUserFile /usr/local/apache/passwd/wwwpasswd 
Require user NewUserName1 NewUserName2 NewUserName3 yaddayaddayadda 
</Directory>

To delete an Apache user, type in the following and then remove the user from the "httpd.conf" file. htpasswd -D /usr/local/apache/passwd/wwwpasswd NewUserName
Then restart apache. /etc/init.d/httpd restart

No comments:

Post a Comment