htpasswd problem

nfn

New Member
#1
Hi,

I'm having som trouble generating passwords to protect directory/files.
I go to the vhosts Security tab and create a new real file:

1.png

Then I create a user + pass and save.

2.png
The htpasswd file is created and the user is in the file, but I I can login ... the logs say:

Code:
2019-12-09 14:04:03.388891 [INFO] [x.x.x.x:12345:HTTP2-3#example.com] User 'user' failed to authenticate.
Edit: using OpenLiteSpeed 1.6.4

Any help?

Thanks
 
Last edited:

nfn

New Member
#3
Can you check if there's any entry inside of your DBfile?
Hi,

Yes there's an entry in the htpasswd file, but generating the password either with htpasswd binary or multiple generator inline I can't get it working:

https://www.askapache.com/online-tools/htpasswd-generator/
http://aspirine.org/htpasswd_en.html

Eveytime I change the password I restart the server
I alway get failed to authenticate in the logs.

The relevant configuration is:

Code:
realm Protected {

  userDB  {
    location              $VH_ROOT/htpasswd
    maxCacheSize          200
    cacheTimeout          60
  }
}

context /admin.php {
  location                ./admin.php
  allowBrowse             1
  realm                   Protected
  required                user user

  rewrite  {

  }
  addDefaultCharset       off

  phpIniOverride  {

  }
}
 

nfn

New Member
#5
Thanks

chmod 644 htpasswd and 755 $VH_ROOT solved the problem :)
Both files/folder where created with 600 and 700 by openlitespeed ... eventually this could be changes to 644 and 755 by default.
 
#6
Hi @all

I have exact the same issue. Have checked all permissions and regenerate all entries. I allways got a error 401 if i insert username and password

PS: I wanted to upload screenshots - but is does not work - loading bar ends at 100% and not further action :-(
 
Last edited:
#8
@nfn
I have found my problem - NFN has described it correct, but i have interpret it wrong....

The permission of the folder /usr/local/lsws/conf/vhosts was wrong. I have set it to 755 and it works
Wrongly I have thought the persission of the containded folder have set to 755 (/usr/local/lsws/conf/vhosts/VHOSTNAME)
$VH_ROOT is /usr/local/lsws/conf/vhosts :confused:

Thanks Othmar
 
#9
Attention!!! unfortunately the permission of the folder /usr/local/lsws/conf/vhosts will be set incorrect also at each update! I have updated yersterday to OpenLiteSpeed 1.6.9 and the permission was wrong again after the update.
Login on passwort protected areas was broken again. After set permission of the vhost folder to 755 authentification was ok.
Please fix the bug. Thank you.
 

David

Active Member
#10
The permission of /conf/ is supposed to be 750 as below
drwxr-x--- 5 lsadm nogroup 4096 Feb 25 02:02 conf/

You made change to 755 is to let others can read your conf. This may cause a security issue.
This is why we will automatically fix this issue when you start the service.

Can you try to change to 750, and check if it work?
 
#11
The permission of /conf/ is drwxr-x---. 5 lsadm nobody 4096 24. Feb 23:35 conf
The permission of /vhosts is drwxr-xr-x. 9 lsadm lsadm 140 21. Feb 17:28 vhosts
Service restart did not change this.
If i change the permission of /vhosts to drwxr-x---. 9 lsadm nobody 140 21. Feb 17:28 vhosts it works. Is group is lsadm it did not work.
All directories are owned by lsadm and not by nobody!
2020-02-25 20_06_56-root@awekassrv01__usr_local_lsws_conf.png
I think this can be the problem.
 
#13
vhosts yes - but other files i did'nt know. This is a production system. Can't test an produce other problems.
On 2.nd server file permissions and owner are the same. goup is lsadm
 

David

Active Member
#14
As design, conf is owned by `lsadm`, but can be access by group `nogroup`.
This is the reason why it is 750 with lsadm/nogroup.
Server start will fix the /conf/ DIR only in current code. We may change to fix the whole directory at that time.
 
#15
Problem in OpenLiteSpeed 1.6.10 NOT fixed. after update /vhosts folder has wrong owner (lsadmin/lsadmin) --> correct (lsadmin/nobody)
 

David

Active Member
#16
In this version, I did not fix it, because of afraid of side effect.
If it is a one time fix, please manually fix it.
Or maybe later, I can update lsup.sh to have more function to deal with this situation.
Thanks
David
 
Top