htpasswd command not found, etc

[Tokunbo]

hello,

Question#1
Pls I followed some tutorials I found on the web, trying to set up a password file.

THe command is used is:
"htpasswd -c /usr/local/apache/passwd/passwords username"

and the error is

"-bash:htpasswd:command not found"

and I have the htpasswd file at /usr/local/apache/bin/htpasswd

I even started Apache etc, then re-issued the command - twas to no avail.
NOTE: I have Apache on RH9, my index page displays ok, and I can access it from another PC.

Question#2....I cant access my index.html page unless I disable firewall(the one that came with my RH9 installation) using 'iptables -F' command. Pls how can I allow access to the webserver on RH9 without completly disabling firewall.Im not too familiar with Iptables stuff.....I mean what kinda code can I add to a file somewhere in my pc to allow such an access to my index.html page, without essentially compromising the total security on the pc. Theres no other firewall installed besides the one that came with the RH9 installation.

Question#3
I also have Apache installed on a WindowsXP PC...Everything works fine, can access pages across PCs etc.

Ive searched the web seriously but I cant find a tutorial on how to set up a passwd(user authentication) for Apache on a windows machine.
can someone help.

thanks
Toks

[kamtono]

double check again that htpasswd is executable (chmod 755 is fine)
and if you can't do with regular user do it with root account (this is my special weapon)

are you making some errors on httpd.conf ? (check on errors.log / tail -f /var/log/messages

at questions 2 check again on httpd.conf (DocumentRoot /usr/local/apache/htdocs - make sure it) if you not sure do this turn off ipchains and iptables

/etc/rc.d/init.d/ipchains off
/etc/rc.d/init.d/iptables off

make some check (ping localhost - is it any reply -it must) and fire-up your apache /usr/local/apache/bin/apachectl start

double checlk again using netstat -a (is httpd is listening ? if yes congratulations you've done) and do lynx http://localhost (to check you must be present with greeting successful page from apache - if this default index page not changed - lynx is web browser)

htpasswd of course is simple man

1. decided what directory that the files belong you want to protect
2. create .htaccess file on directory that you've chosen

AuthType Basic
AuthUserFile /usr/local/apache/conf/secretdir.passwd
AuthName Secret
require valid-user
satisfy any

this is just some sample files but it works on me

3. do /usr/local/apache/bin/htpasswd -bc /usr/local/apache/conf/secretdir.passwd secret Verysecret

that's it and that will create username secret and password Verysecret
if you look it out file /usr/local/apache/conf/secretdir.passwd you'll see that password username secret is encrypted

if you want to add user on that directory remove -bc options

do next thing

4. configure your httpd.conf

add on your httpd.conf

<Directory "/usr/local/apache/htdocs/secretdir">
AllowOverride AuthConfig
deny from all
Order deny,allow
</Directory>

5. restart your apache /usr/local/apache/bin/apachectl restart
6. and test it at http://localhost/secretdir - if you success you must be prompt for username and password

7. that's all

[Tokunbo]

hello Kamtono,

Regarding my Question#1
thanks. Yes I doublechecked and 'htpasswd' was mode 755. I did all I did before(for my original post) as root.

I checked the log file found at /usr/local/a[acje/logs............ there was nothing about 'htpasswd'.

There are no errors in my httpd.conf file....(I believe). I can start my webserver and access a sample page created at my document root DIR on the server itself as well as from a WindowsXP PC. Note my server is RedHat9.

I still get the same errors" command not found" for htpasswd"

what else can I do pls


for my question#2
You said I should do
/etc/rc.d/init.d/ipchains off
/etc/rc.d/init.d/iptables off

Yes, ive done that and as I said in my original post, I would want to access the webpages on my server without totalling disabling my iptables and ipchains.

By turning them totally off, I believe im exposing myself to the outside world.


for my Question#3
I was asking the question for an Apache Installation on a Windows XP PC. pls refer to post.

note that Apache is installed at c/program files/Apache group

thanks
Toks