ispCP - Board - Support - VHCS fork / ispCP Omega Development Area / Suggestions / Awstats password protection

Post Reply  Post Thread 
Awstats password protection
Author Message
BeNe
Moderator
*****


Posts: 2,557
Group: Moderators
Joined: Jan 2007
Status: Offline
Reputation: 35
Post: #11
RE: Awstats password protection

Good point, BUT there is the next package problem:

Code:
Starting web server (apache2)...Syntax error on line 21 of /etc/apache2/sites-enabled/01_awstats.conf:
DBD: No driver for mysql
failed!


I checked many sites about mod_dbd and it seems that there is no mysql driver as package available for mod_dbd

Can anyone give me a hint ?

Greez BeNe



:: ispCP Omega RC5 Live Demo - r1267 (19.05.08) --> http://www.isp-control.net/forum/ispcp-o...ml#pid2169 <--
10-28-2007 03:10 AM
Visit this user's website Find all posts by this user Quote this message in a reply
Cube
Documentation Team
***
Docu Team

Posts: 505
Group: Docu Team
Joined: Apr 2007
Status: Offline
Reputation: 6
Post: #12
RE: Awstats password protection
11-01-2007 01:42 AM
Find all posts by this user Quote this message in a reply
ephigenie
Administrator
*******
Administrators

Posts: 570
Group: Administrators
Joined: Oct 2006
Status: Offline
Reputation: 9
Post: #13
RE: Awstats password protection

yeah you're right - it seems as if the mysql license is not compatible with debian's ...
so they didn't include the mysql driver ... this is bad.

But i saw that in sid there's mod_auth_mysql again - but it did not make it into stable Sad

11-01-2007 02:38 AM
Visit this user's website Find all posts by this user Quote this message in a reply
jmeyerdo
Junior Member
*


Posts: 135
Group: Registered
Joined: Oct 2007
Status: Offline
Reputation: 2
Post: #14
RE: Awstats password protection

Hi!
Allow me one suggestion, please...

Perhaps you can take into consideration which modules/technologies are compatible with most platforms/distros?!

One example: With CentOS the "mod_fastcgi" is not standard and it takes higher efforts to find an (unofficial) RPM or to compile it manually.

An authentication by .htaccess should be available on nearly all servers - even it might be harder to implement on isp-CP-side.

Kind regards, keep up your good work,
Jens

11-01-2007 05:26 AM
Find all posts by this user Quote this message in a reply
BeNe
Moderator
*****


Posts: 2,557
Group: Moderators
Joined: Jan 2007
Status: Offline
Reputation: 35
Post: #15
RE: Awstats password protection

Quote:
An authentication by .htaccess should be available on nearly all servers

Of course - .htaccess works, but is not really flexible and dynamic.
I use .htaccess on my Server and i must every single user...
A connect to the db would be very fine here.

Quote:
yeah you're right - it seems as if the mysql license is not compatible with debian's ...
so they didn't include the mysql driver ... this is bad.

I found some compiled .deb files of mysql driver but they are damn buggy and apache2 sometimes does not start -> Segment fault...

Greez BeNe



:: ispCP Omega RC5 Live Demo - r1267 (19.05.08) --> http://www.isp-control.net/forum/ispcp-o...ml#pid2169 <--
11-01-2007 06:40 AM
Visit this user's website Find all posts by this user Quote this message in a reply
linux-guru
Junior Member
*


Posts: 27
Group: Registered
Joined: Jul 2007
Status: Offline
Reputation: 0
Post: #16
RE: Awstats password protection

I did a (quite dirty) hack for enabling authentication of stats in static mode.

At first, since mod_auth_mysql is not available on etch and dbd has no mysql-support, the only alternative is libapache2-mod-auth-pam which could be made using libpam-mysql. BUT: libpam-mysql has problems to support md5-password.
So another "hack" is needed. Please see http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=373834
When the new package is built, install it, and configure as follows:

1. Install libapache2-mod-auth-pam

Code:
apt-get install libapache2-mod-auth-pam -y


2. Create .htaccess e.g. in /var/www/ispcp/engine/awstats/ with the following content:

Code:
AuthPAM_Enabled on
        AuthPAM_FallThrough off
        AuthType Basic
        AuthName "Restricted area"
        AuthUserFile /dev/null
        AuthBasicAuthoritative Off
        Require valid-user


3. Make /etc/pam.d/apache2 looking like this:

Code:
auth required pam_mysql.so user=root passwd=YOUR_PASS host=localhost db=ispcp table=admin usercolumn=admin_name passwdcolumn=admin_pass crypt=3
account required pam_mysql.so user=root passwd=YOUR_PASS host=localhost db=ispcp table=admin usercolumn=admin_name passwdcolumn=admin_pass crypt=3
#@include common-auth
#@include common-account


4. Edit /var/www/ispcp/engine/ispcp-dmn-mngr
after (currently lines 1911-1921)

Code:
if ($main::cfg{'AWSTATS_ACTIVE'} eq 'yes' && $main::cfg{'AWSTATS_MODE'} eq 1) {
                if (! -d "$www_dir/$dmn_name/statistics") {
                    $rs = make_dir(
                                    "$www_dir/$dmn_name/statistics",
                                    $sys_user,
                                    $sys_group,
                                    0755
                                    );

                return $rs if ($rs != 0);
        }

insert

Code:
if (! -e "$www_dir/$dmn_name/statistics/.htaccess") {

                $rs = sys_command("$main::cfg{'CMD_CP'} -p $root_dir/engine/awstats/.htaccess $www_dir/$dmn_name/statistics/");
                return $rs if ($rs != 0);
                $rs = setfmode("$www_dir/$dmn_name/statistics/.htaccess", $sys_user, $sys_group, 0644);
                return $rs if ($rs != 0);
            }

and the same again after

Code:
if ($main::cfg{'AWSTATS_ACTIVE'} eq 'yes' && $main::cfg{'AWSTATS_MODE'} eq 1) {
                if (! -d "$www_dir/$dmn_name/statistics") {
                    $rs = make_dir(
                                    "$www_dir/$dmn_name/statistics",
                                    $sys_user,
                                    $sys_group,
                                    0755
                                    );

                return $rs if ($rs != 0);
        }

(currently lines 2347-2357)

5. Tell ispcp that there are changes which are needed to be processed.

Code:
mysql -u root -p<password>
mysql>USE ispcp
mysql>UPDATE domain SET domain_status = 'change' WHERE domain_status = 'ok';
mysql>quit


6. Run the update

Code:
/var/www/ispcp/engine/ispcp-rqst-mngr


Now your users have protected stats which can only be seen through authentication with their ispcp-admin-login and the corresponding password.

Note: If one knows another hosting on this machine, he/she it is able to see the other users stats while entering his own credentials!

Feedback is welcome! :-)

This post was last modified: 12-23-2007 04:04 AM by linux-guru.
12-23-2007 02:25 AM
Find all posts by this user Quote this message in a reply
Mike



Posts: 1
Group: Registered
Joined: Feb 2007
Status: Offline
Reputation: 0
Post: #17
RE: Awstats password protection

Another Method would be over PHP-CURL... so we would be able to check the siteconfig with the user (from DB)...

PHP Code:
    header('WWW-Authenticate: Basic realm="Domain Statistics"');
    header('HTTP/1.0 401 Unauthorized');
    echo 'Authorization Required.';
    exit; 

This post was last modified: 12-26-2007 07:36 AM by Mike.
12-26-2007 07:35 AM
Find all posts by this user Quote this message in a reply
divion



Posts: 3
Group: Registered
Joined: Jan 2008
Status: Offline
Reputation: 0
Post: #18
RE: Awstats password protection

Happy to see you all here working with a non dieing version of VHCS.

To add my help to this section ( havent tested ispcp yet (dont blame me i found it today) ) i was working with 2 scripts that were updating the stats, making new conf files and copying stats to users dir for backup.

If any of this would be helpfull to anyone send me a msg to post them.
Not to mention ( Debian 3.1 (Not updated this either))

01-09-2008 03:21 PM
Find all posts by this user Quote this message in a reply
NoFutureKid
Junior Member
*


Posts: 16
Group: Registered
Joined: May 2007
Status: Offline
Reputation: 0
Post: #19
RE: Awstats password protection

What about mod_authn_dbi (http://mod-auth.sourceforge.net)?

01-23-2008 04:06 AM
Find all posts by this user Quote this message in a reply
BeNe
Moderator
*****


Posts: 2,557
Group: Moderators
Joined: Jan 2007
Status: Offline
Reputation: 35
Post: #20
RE: Awstats password protection

Never heard about it Rolleyes
Maybe you can try to get it running ?

I use a dirty workaround with a .htaccess in the Apache Awstats Directive.
But it works...

Greez BeNe



:: ispCP Omega RC5 Live Demo - r1267 (19.05.08) --> http://www.isp-control.net/forum/ispcp-o...ml#pid2169 <--
01-23-2008 05:50 AM
Visit this user's website Find all posts by this user Quote this message in a reply
Post Reply  Post Thread 

View a Printable Version
Send this Thread to a Friend
Subscribe to this Thread | Add Thread to Favorites
Forum Jump:

Contact Us | isp Control Panel ( ispCP ) a VHCS fork | Return to Top | Return to Content | Lite (Archive) Mode | RSS Syndication

| All rights reserved : isp-control.net |