[Mike]

This is less a question, and more of a note for anyone having trouble getting the user authentication section of the exercise working.

When you get to the section where you’re editing the /etc/apache2/sites-enabled/000-default.conf file, we’re instructed to “Add these lines:”
AuthType Basic
AuthName “Restricted Content”
AuthUserFile /etc/apache2/htpasswd
Require valid-user

But we’re not told where in the file to add them. I tried different places and couldn’t get the user authentication prompt to appear when reloading the page. It just took me straight to the Masscan web interface as before. When checking the status of apache with “systemctl status apache2.service” There were different errors with starting Apache. They were different depending on where in the .conf file the code block was inserted.

After doing some digging, I discovered that inside of the main block of the .conf file, under the line that starts with “CustomLog…” if you create the following block of text, save and exit, then restart apache with “systemctl restart apache2” the web interface will then prompt you for user credentials when loading, as expected.

<Directory “/var/www/html”>
AuthType Basic
AuthName “Restricted Content”
AuthUserFile /etc/apache2/htpasswd
Require valid-user
</Directory>

• This topic was modified 10 months, 3 weeks ago by Mike.

[Gisung Ryu]

Thanks for sharing! This helped me with my issue.

[Christopher]

Thanks for this post!

[HappyGilmore]

Thank you help me out as well.
Only issue, I had was not could not copy and paste the lines of codes.
Had to enter them in manually

Thank you

[James Aylesworth]

I was just coming here to look for an email address to write somebody about this after figuring out. I’m glad to see the post already exists; hopefully others were smarter than I and looked here first.

Valuable lesson learned… Check the forums first and save oneself the google-time…unless you enjoy those rabbit holes 🙂

Thank you!

[Author]

Posts