Apache Authentication¶
Apache authentication can be configured to require web site visitors to login with a user and password.
We protect cgi-bin apache directory which contains important perl scripts for dialplan, configurations and directory.
Step # 1: Make sure Apache is configured to use .htaccess file
You need to have "AllowOverride AuthConfig" directive in apache configuration file in order for directives to have
any effect.
For CentOS
vim /etc/httpd/conf/httpd.conf
<Directory "/var/www/cgi-bin">
AllowOverride AuthConfig
Options None
Order allow,deny
Allow from all
</Directory>
Save the file and restart Apache
# service httpd restart
For Debian
vim /etc/apache2/sites-available/default
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride AuthConfig
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
Save the file and restart Apache
# service apache2 restart
Step # 2: Create a password file with htpasswd
htpasswd command is used to create and update the flat-files (text file) used to store usernames and password for
basic authentication of Apache users.General syntax: htpasswd -c password-file username
Where,
-c : Create the password-file. If password-file already exists, it is rewritten and truncated.
username : The username to create or update in password-file. If username does not
exist in this file, an entry is added. If it does exist, the password is changed.
Create directory outside apache document root, so that only Apache can access password file. The password-file should
be placed somewhere not accessible from the web. This is so that people cannot download the password file:
# mkdir -p /home/secure/
Add new user called astpp
# htpasswd -c /home/secure/apasswords astpp
New password:
Re-type new password:
allow apache user apache to read password file:
For CentOS
# chown apache:apache /home/secure/apasswords
# chmod 0660 /home/secure/apasswords
For Debian
# chown www-data:www-data /home/secure/apasswords
# chmod 0660 /home/secure/apasswords
Now user astpp is added but you need to configure the Apache web server to request a password and tell the server
which users are allowed access.We have directory /var/www/cgi-bin and we would like to protect it with a password.
For CentOS
# cd /var/www/cgi-bin
# vim .htaccess
For Debian
# cd /usr/lib/cgi-bin
# vim .htaccess
Add following text:
AuthType Basic
AuthName "Restricted Access"
AuthUserFile /home/secure/apasswords
Require user astpp
Now add username and password to following files:
# vim /usr/local/freeswitch/conf/autoload_configs/xml_curl.conf.xml
<!-- set this to provide authentication credentials to the server →
<param name="gateway-credentials" value="astpp:your_password"/>
# vim /usr/local/freeswitch/conf/autoload_configs/xml_cdr.conf.xm
<!-- optional: credentials to send to web server -->
<param name="cred" value="astpp:your_paasword"/>
Now restart freeswitch
# service freeswitch restart
You can test it by running below url in browser
http://localhost/cgi-bin/astpp/astpp-fs-xml.cgi
You will be asked for username and password for authentication.