How to Enable UserDir and Password Protect Web Directories on Zentyal Webserver

To Enable UserDir and Password Protect Web Directories on Zentyal Webserver

Zentyal webserver module can be configured to activate Public HTML using Linux BASH scripts to dynamically generate contents for webpage. To Enable UserDir and Password Protect Web Directories on Zentyal Webserver is explained.

Requirements

  • Zentyal Install Guide
  • Install Web Services (Apache) in Zentyal Server

Go to the Web Server Module, select Enable per user public_html and click on Change button to Save changes.

Open a browser and navigate to //linuxhelp.com/~< $username$>

Here, we are using a bash script file " userr-dir" to give www-data group ownership with execution permissions on /home/$USER directory and create a public_html folder inside the respective users path.

root@linuxhelp:~ # nano userr-dir
#!/bin/bash 
for i in `ls /home | grep -v samba| grep -v lost+found`   do         
            mkdir /home/$i/public_html 
## Make world readable and executable, so that www-data can access it  ##         
            chmod -R 755 /home/$i       
         chgrp -R www-data /home/$i/public_html/ 
## Next code should be on a single line
 ## echo " < html> < body data-style=' background-color:#2DC612' > < div align=' center' > < p> < H1 
data-style=' color:#fff' > Welcome user $i on < a data-style=' color:#fff'  
href=' https://mydomain.com' > `hostname -f` < /a> < /H1> < /p> < /div> < /body> < /html> "  >  /home/$i/public_html/index.html 
## List /home/$USER permissions and public_html perm optional ## 
echo " ......................."  
ls -all /home/$i 
echo " ......................"  
ls -all /home/$i/public_html done

Open a browser and navigate to //linuxhelp.com/~< $username$>

To enable this to windows, logon and create a file called public_html.bat in the respective users desktop.

[user1@linuxhelp~ Desktop]$ nano public_html.bat

Add the following line in the file

explorer //linuxhelp.com/~%username%

Now go to Domain -> Group Policy Objects -> Default Domain Policy -> GPO Editor.

In User Configuration hit Add New Logon Script, Browse the public_html.bat file and select ADD.

Now Logon to the windows machine, the following screen appears.

Password Protect Web Directory

First you need to enable the “ auth_basic” and then restart zentyal webserver using the following command.

root@linuxhelp:~ # a2enmod auth_basic
root@linuxhelp:~ # service zentyal webserver restart

And then backup the vhost.mas file before modifying Zentyal Apache Vhost template located in “ /usr/share/zentyal/stubs/webserver/” path. Now, open the vhost.mas file and change“ AllowOverride“ from none to all.

root@linuxhelp:~ # cp /usr/share/zentyal/stubs/webserver/vhost.mas /usr/share/zentyal/stubs/webserver/vhost.mas.blk
root@linuxhelp:~ # nano /usr/share/zentyal/stubs/webserver/vhost.mas

Then restart Zentyal Webserver module to update new changes.

root@linuxhelp:~ # service zentyal webserver restart

Create .htpasswd file and add some users using htpasswd command.For that create the htpass directory in /srv/www/ path and set the permission as 750 and group ownership as www-data. Now the first user is created using “ -c” (create) option and the other users can be created without using the &ndash c option.

root@linuxhelp:~ # mkdir /srv/www/htpass
root@linuxhelp:~ # chmod -R 750 /srv/www/htpass
root@linuxhelp:~ # chgrp -R www-data /srv/www/htpass
root@linuxhelp:~ # htpasswd -c /srv/www/htpass/.htpasswd user2
New password:
Retype password:
Adding passw0rd for user user2

So now the .htpasswd file contains the password details of the user2.

Next we want to protect " //virtual.linuxhelp.com" URL from other users. To do this, create a .htaccess file on /srv/www/virtual.linuxhelp.com/ path and add the following lines in htaccess file.

root@linuxhelp:~# nano /srv/www/virtual.linuxhelp.com/.htaccess
AuthType basic
AuthName password
AuthBasicProvider file
AuthUserFile /srv/www/htpass/.htpasswd
Require user user2

Now set the permissions and change group ownership for htaccess file using the following command.

root@linuxhelp:~# chmod 750 /srv/www/virtual.linuxhelp.com/.htaccess
root@linuxhelp:~# chgrp www-data /srv/www/virtual.linuxhelp.com/.htaccess

Open the browser and type your subdomain name. An authentication window prompts, enter the user credentials and login.

Tag : Zentyal Web Server
FAQ
Q
Why need to set the password protection for "Zentyal" web directory?
A
Password protecting a web directory can be a useful secured way to manage web content on a "zentyal" web server.
Q
How to create and run the script in windows?
A
You can refer the following link to get an idea about create and run the script in windows, "https://technet.microsoft.com/en-us/library/bb613481(v=vs.85).aspx"
Q
Whether the Zentyal is allowed to manage the firewall of the system?
A
Yes. the Zentyal is allowed to manage the firewall of the system.
Q
I got a security warning the first time I tried to access the web interface of Zentyal, should I worry?
A
It's completely normal, since Zentyal is configured to use an https port, and there is no Certification Authority validating the certificate (it's self-signed). You can learn more about securing services, certificates and how to produce a valid one following the link as "https://doc.zentyal.org/en/ca.html".
Q
Can I change Zentyal's web interface language?
A
Yes, from the System -> General menu, but you will need to install the appropriate language pack first, for example, to install Spanish support, I will type down in the CLI sudo apt-get install language-pack-zentyal-es, and then select Spanish in the interface.