Free Web Hosting

October 7, 2020

Brilliant! We do have a linux server running Apache. This is by far the best way of getting space. If I can do that, I suddenly have 120GB of web space and no bandwidth limits:(. It keeps a high uptime as well. But, call me paranoid, how do you get the security set up. Currently our Apache server is available on the WWW (www.scuffell.uni,cc), but behind a .htaccess password protection system. If I can sort the security out, then I’ll definitely do it this way. Email me if you want:sidewallwolf@hotmail.com.

FWIW

 

.htaccess is not the best way of doing security on a Apache server – it is cumbersome (requiring a restart every time you change user access) and it slows down the server every access – the reason being is when using .htacess and setting allowoverride All in the httpd.conf file Apache will look in every directory for .htaccess files. I have seen tests suggesting the performance hit is up to 20%. This occurs on all directories/ pages opened whether you actually have a htaccess file – also the .htaccess file is loaded every time a document is requested.

 

.htaccess should only be used if you dont have access to edit the httpd.conf file – which is the case when you dont own the server

 

Best way is to define groups in the password file, and use Directory Directives in the httpd.conf file

 

ie to lock out a directory use something like – this would allow users of group admin and groupa and a user called fred to access this folder

 

# Lock out Directory XXX

AuthName “Welcome to the A Passworded Directory – please enter your Username and Password”

AuthType Basic

AuthUserFile path/to/password/file/htpasswd

AuthGroupFile path/tofolder containing group/definitions/groups

require group admin groupa

require user fred

 

In htpasswd you define all the user:password lists, allocate them groups in the groups file

 

see http://httpd.apache.org/docs/howto/htaccess.html#when

Source