Hi Guys, I am trying to password protect the .../web/stats folders. It seems that you can use Web-FTP to create the .htaccess files, but it is not working for me. The files are created with the right users/passwords, but anyone can still access the /stats/ folder. Am i doing something wrong? Should the /stats/ folder be protected by default? This isn't urgent, but i am just a little curious. Thanks, Max
The web stats folders where password protected automatically. The .htaccess and .htpassword files where generated by the script /root/ispconfig/scripts/shell/webalizer.php. The usernames and passwords are the users of the website.
The script /root/ispconfig/scripts/shell/webalizer.php runs at 4:00 AM in the morning so you must wait until then until the stats directory of a new web site gets password protected.
Hi Guys, Stats directories are NOT automatically protected in my system. I run a 64bit processor and fedora core 4. Could i have accidently switched off / disabled something somewhere? Thanks, Max
ok ... i managed to figure out this one myself. I commented out the line: AllowOverride None in the /etc/httpd/conf/httpd.conf file. (not the Vhosts file) and now the stats folders are password protected. Does anyone know of a reason why i shouldn't have done that? Regards, Max
Hi Falko, Here's the surrounding info. I have a feeling that i have commented out the line in the wrong place. Thanks, Max # # DocumentRoot: The directory out of which you will serve your # documents. By default, all requests are taken from this directory, but # symbolic links and aliases may be used to point to other locations. # DocumentRoot "/var/www/html" # # Each directory to which Apache has access can be configured with respect # to which services and features are allowed and/or disabled in that # directory (and its subdirectories). # # First, we configure the "default" to be a very restrictive set of # features. # <Directory /> Options FollowSymLinks #AllowOverride None </Directory> # # Note that from this point forward you must specifically allow # particular features to be enabled - so if something's not working as # you might expect, make sure that you have specifically enabled it # below. #
That's the wrong place because near the end of your Apache configuration you should have something like this: Code: <Directory /var/www/*/web> Options +Includes -Indexes AllowOverride None AllowOverride Indexes AuthConfig Limit FileInfo Order allow,deny Allow from all <Files ~ "^\.ht"> Deny from all </Files> </Directory> This is set by the ISPConfig installer, and /var/www/*/web (or whatever you chose during installation) is the place where the stats directories are created. This is the place where you can try to play around a little bit.
Hi Falko, Thanks for the quick response. My web sites reside in /home/www/*/web and the apache directives were set on /var/www/html/*/web. Changing it to the right directory (and undoing my prior change) seems to work perfectly. Thanks, max
Hi Falko, No ... i didn't change anything during the installation. I just went with the default values. I am using Fedora 4 core with a 64 bit processor, so i had to make a few minor modifications to get it to work, but it works great. Well done. I am getting to become a pretty good php programmer (and can speak German) so if you guys need any help on this project I am happy to help for a couple of hours a week. Regards, Max Sylvester
Hi Max, new developers are always welcome This is a huge project and we need any help we can get to push it forward. Please have a look at this post on how to get started with ISPConfig development or send me a pm: http://www.howtoforge.com/forums/showthread.php?t=135 Till
talking about access problems to stats, I have another similar issue: generally the stats are generated and accessable for all sites, except for one, the biggest one, where it would be most interesting to watch te stats develop... I do not have any clue how to find out whats going on here, all other sites are working here,... for this site however if I go to the stats site, I get asked for username and password but it does not work for any user of that site... I also made a new user with pw 1234 and that does work neither
The passwords where added / changed nightly when the stats where generated. You will have to wait up to 24 hours until your password get valid.
If no stats are generated for that site at all,you should increase the memory limit for PHP in /root/ispconfig/php/php.ini and restart ISPConfig. Maybe your logs are too big for the current memory limit.
well, I can't test it anymore, the big site just changed providers :-( I am no longer hosting them... happy riddance ;-)