Give http(s) access to folder to new user from htpasswd


#1

Hey,
I tried to do this via the “make download folder public” topics here, but it isn’t working
My goal is to give my friends access to some folder on my quickbox server, but I don’t want them to have my username/password.

What I did:

  1. I created a new user:password in /etc/htpasswd, I didn’t put “rutorrent” in between like for the standard user, I think it didn’t change the outcome (I have tried many things in the past hours

  2. In /etc/apache2/sites-enabled/aliases-seedbox.conf I added the following:

    Alias /public.downloads “/home/wyall/testfolder/”
    <Directory “/home/wyall/testfolder/”>
    Options Indexes FollowSymLinks MultiViews
    AuthType Digest
    AuthName "rutorrent"
    AuthUserFile '/etc/htpasswd’
    Require valid-user
    AllowOverride None
    Order allow,deny
    allow from all
    php_admin_value engine Off

Then I restart the server or/and apache

Problem: The new user isn’t working. Via the old one “wyall” I can access that folder via /public.downloads, but the new user specified in htpasswd is not working, the password prompt just pops up again and again.


#2

is there a specific reason you want to use http downloads? I think it would be better to create a 2nd ftp user if you just have a friend/relative/whatever that wants to download files from you.


#3

Right now I upload the stuff they want to mega.nz. I will never get them to use ftp or it will be way to much explaining for me to do, how to install and configure etc. Going on mega or on a website is just easier


#4

how did you add the user to the file? this sounds like an issue with the user you added. The apache setup above is fine as it is.


#5

Via sudo htpasswd /etc/htpasswd new_user

I’ve never had a pleasant case of “work” with web stuff and authorization :-\

Edit: where would be a log file located to see login attempts? It’s Apache that manages this, right?


#6

Ok I solved it. htpasswd is not the correct command to use.

I looked into the apache error logs at /var/logs/apache2/ and it said
[Wed May 31 08:14:50.089999 2017] [auth_digest:error] [pid 23318] [client MY_IP:PORT] AH01790: user '<user>' in realm 'rutorrent' not found: /public.downloads/

the problem was, that adding the new user to /etc/htpasswd isn’t done via htpasswd but via htdigest as Digest is the AuthType I chose.

The command works like this (as su):
htdigest /etc/htpasswd rutorrent <new_user>
with rutorrent being the realm mentioned in the error message.


#7

Glad you got this sorted. There is additionally a nifty application included. NextCloud. You can offer private folders etc on a per created (inside the NextCloud app) user basis. I only provide this opinion as a potentially much more robust solution for your future needs.