Information Technology Grimoire

Version .0.0.1

IT Notes from various projects because I forget, and hopefully they help you too.

Apache htdigest

Apache htdigest

htdigest File Creation

You may want to give someone wordpress access. If you do the other security listed, you will get a popup when try to access /wp-admin/ This popup is controlled by htdigest module, and program.

I have created a file called /var/www/.htdigest that contains the passwords and is outside of the normal site directories that are publicly available. I’ve also added protections in the main config that disallow someone from trying to read dot files like .htdigest

To add a user to this database, use the following command:

sudo htdigest /var/www/.htdigest <REALM> <username>

For example:

sudo htdigest /var/www/.htdigest RESTRICTED james

Config files

This is usually used in combination with a specific resource to request password for:

 <Location /wp-login.php>
  Order Deny,Allow
  AuthType Digest
  AuthName "RESTRICTED"
  Require valid-user
  AuthUserfile /var/www/.htdigest
 </Location>

Enable Modules

sudo a2enmod auth_digest

Test and Restart

sudo apache2ctl -t
sudo systemctl restart apache2