This is less a question, and more of a note for anyone having trouble getting the user authentication section of the exercise working.
When you get to the section where you’re editing the /etc/apache2/sites-enabled/000-default.conf file, we’re instructed to “Add these lines:”
AuthType Basic
AuthName “Restricted Content”
AuthUserFile /etc/apache2/htpasswd
Require valid-user
But we’re not told where in the file to add them. I tried different places and couldn’t get the user authentication prompt to appear when reloading the page. It just took me straight to the Masscan web interface as before. When checking the status of apache with “systemctl status apache2.service” There were different errors with starting Apache. They were different depending on where in the .conf file the code block was inserted.
After doing some digging, I discovered that inside of the main block of the .conf file, under the line that starts with “CustomLog…” if you create the following block of text, save and exit, then restart apache with “systemctl restart apache2” the web interface will then prompt you for user credentials when loading, as expected.
<Directory “/var/www/html”>
AuthType Basic
AuthName “Restricted Content”
AuthUserFile /etc/apache2/htpasswd
Require valid-user
</Directory>
-
This topic was modified 9 months, 1 week ago by
Mike.