Difference between revisions of "NoPasswordApache"

From WikiDLXTV
Jump to: navigation, search
 
Line 31: Line 31:
 
   Allow from all
 
   Allow from all
 
   Satisfy Any
 
   Satisfy Any
  </Location></nowiki>
+
  </Location>
  
 
* Create a new file /conf/S00user-script (it may already exist) putting the following into it:
 
* Create a new file /conf/S00user-script (it may already exist) putting the following into it:

Latest revision as of 09:16, 21 March 2012

Disabling Username/Password authentication for the Apache Web Server

The default setting for WDLXTV's web server is to force authentication. You may want to switch this off for various reasons, i.e. to serve web pages. You can configure Apache on WDLXTV to not force authentication for particular web pages but I prefer just to switch it off for everything as I have no security issues with my setup. IMPORTANT: this removes the security from the WDLXTV and allows anyone to reconfigure your WDLXTV.

Configurating

The method to set this up is to overwrite the default Apache config file by over mounting an alternative using the "mount -o bind" method. The default configuration file is /etc/apache2/sites-available/default

Here are the steps to set this up:

  • cp /etc/apache2/sites-available/default /conf/apache-default
  • Edit the file /conf/apache-default, in the <Location /> section, change the following:
<Location />
  Options Indexes FollowSymLinks MultiViews

  AuthType Digest
  AuthName "WDLXTV-Webend"
  AuthDigestDomain /
  AuthDigestProvider file
  AuthUserFile /conf/htpasswd
  Require valid-user

  Order allow,deny
  Allow from 127.0.0.1 www.live365.com live365.com gdata.youtube.com localhost
  Satisfy Any
</Location>

to:

<Location />
  Options Indexes FollowSymLinks MultiViews
  Order allow,deny
  Allow from all
  Satisfy Any
</Location>
  • Create a new file /conf/S00user-script (it may already exist) putting the following into it:
#!/bin/sh
mount -o bind /conf/apache-default /etc/apache2/sites-available/default
  • Reboot WDTV (sync; sync; reboot)
  • And Apache should now not require a username/password.