Exercise 5-4 Masscan User Authentication Issue

This topic contains 2 replies, has 3 voices, and was last updated by  Christopher 4 months, 3 weeks ago.

  • Author
    Posts
  • #17089

    Mike
    Participant

    This is less a question, and more of a note for anyone having trouble getting the user authentication section of the exercise working.

    When you get to the section where you’re editing the /etc/apache2/sites-enabled/000-default.conf file, we’re instructed to “Add these lines:”
    AuthType Basic
    AuthName “Restricted Content”
    AuthUserFile /etc/apache2/htpasswd
    Require valid-user

    But we’re not told where in the file to add them. I tried different places and couldn’t get the user authentication prompt to appear when reloading the page. It just took me straight to the Masscan web interface as before. When checking the status of apache with “systemctl status apache2.service” There were different errors with starting Apache. They were different depending on where in the .conf file the code block was inserted.

    After doing some digging, I discovered that inside of the main block of the .conf file, under the line that starts with “CustomLog…” if you create the following block of text, save and exit, then restart apache with “systemctl restart apache2” the web interface will then prompt you for user credentials when loading, as expected.

    <Directory “/var/www/html”>
    AuthType Basic
    AuthName “Restricted Content”
    AuthUserFile /etc/apache2/htpasswd
    Require valid-user
    </Directory>

    • This topic was modified 6 months, 3 weeks ago by  Mike.
  • #17237

    Gisung Ryu
    Participant

    Thanks for sharing! This helped me with my issue.

  • #17241

    Christopher
    Participant

    Thanks for this post!

You must be logged in to reply to this topic.

Back to Top