A few things, mostly technical notes...

Saturday, January 28, 2006

How to secure MythWeb on Ubuntu (5.10) Linux?

By default, /etc/mythtv/mythweb-htaccess.conf is linked to .htaccess file inside /var/www/mythtv. (/var/www/mythtv itself is a soft-link to "/usr/share/mythtv/mythweb") [Applies to Ubuntu 5.10]

This is what I did to secure my MythWeb interface

1) Knock off the .htaccess file inside "/usr/share/mythtv/mythweb"

2) Edit the file /etc/apache2/apache2.conf (preferrably after saving a copy as old.apache2.conf), and add these entries:

Alias /mymyth/ "/usr/share/mythtv/mythweb/"
<Directory "/var/www/html/mythweb">
AllowOverride AuthConfig
AuthType Basic
AuthName "restricted area"
AuthUserFile /etc/apache2/mythtvusers
require user user1 user2
Options Indexes FollowSymLinks MultiViews
Order allow,deny
Allow from 192.168.1.
Satisfy any

3) Create the users:

User htpasswd -c option while you're creating the very first user.
# htpasswd -c /etc/apache2/mythtvusers user1 
Do not use the "-c" option for adding more users. If -c is used, it will overwrite your file, thereby deleting information about your the other users you already added.

For example, add user "user2":

# htpasswd /etc/apache2/mythtvusers user2

The above shown configuration will not prompt users from network for any passwords.

4) Chmod your password file:

# chmod 640 /etc/apache2/mythtvusers 

All done. At this point, you can restart apache (/etc/init.d/apache2 restart as root).

Fire up your favorite browser and point it to the url: http://mymythserver/mymyth/

Where mymythserver is the IP/URI of your MythWeb Server. Please note the trailing slash (/) after mymyth in the url, it is very important. (Well, you'll see...!!)

No comments:


Creative Commons License
This work is licensed under a Creative Commons License.