Securing Big Brother web pages

Set Up .htaccess with Apache and a UNIX/Linux BB management server

Here's how to setup basic htaccess authentication for your BBDISPLAY zones:

1. Create a password file for each user (zone) with the htpasswd command (as root), like:

htpasswd -c /home/bb/bb4.30-bbpe/etc/bbpeuserpass bbuser

You will need to enter a password for the new user "bbuser" twice, and, this will create the password file under $BBHOME/etc. You can use the same command without the -c option to add more users/passwords. So, the next time you create a zone and a user/password for that zone, you'll execute something like:

htpasswd /home/bb/bb4.30-bbpe/etc/bbpeuserpass newUser

2. Edit the httpd.conf file (make a backup first) and change the DocumentRoot container configuration, like the text in red below:

<Directory "/var/www/html"> # # Possible values for the Options directive are "None", "All", # or any combination of: # Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews # # Note that "MultiViews" must be named *explicitly* --- "Options All" # doesn't give it to you. # # The Options directive is both complicated and important. Please see # http://httpd.apache.org/docs/2.2/mod/core.html#options # for more information. # Options Indexes FollowSymLinks # # AllowOverride controls what directives may be placed in .htaccess files. # It can be "All", "None", or any combination of the keywords: # Options FileInfo AuthConfig Limit # AllowOverride AuthConfig # # Controls who can get stuff from this server. # Order allow,deny Allow from all </Directory>

3. Create a $BBHOME/www/rdbatest/.htaccess file with the following four lines:

AuthType Basic AuthName "Login screen" AuthUserFile /home/bb/bb4.30-bbpe/etc/bbpeuserpass Require user bbuser

4. Restart Apache (apachectl restart)

Now, launch a browser and try to access your BBDISPLAY.